findings.json
[{"name":"Cloud Metadata Potentially Exposed","description":"The Cloud Metadata Attack attempts to abuse a misconfigured NGINX server in order to access the instance metadata maintained by cloud service providers such as AWS, GCP and Azure.All of these providers provide metadata via an internal unroutable IP address '169.254.169.254' - this can be exposed by incorrectly configured NGINX servers and accessed by using this IP address in the Host header field.","hint":null,"category":"Cloud Metadata Potentially Exposed","location":"http://juice-shop.default.svc:3000","osi_layer":"APPLICATION","severity":"HIGH","references":[{"type":"URL","value":"https://www.nginx.com/blog/trust-no-one-perils-of-trusting-user-input/"},{"type":"CWE","value":"CWE-0"},{"type":"URL","value":"https://cwe.mitre.org/data/definitions/0.html"}],"mitigation":"Do not trust any user data in NGINX configs. In this case it is probably the use of the $host variable which is set from the 'Host' header and can be controlled by an attacker.","attributes":{"hostname":"juice-shop.default.svc","port":"3000","zap_confidence":"1","zap_count":"1","zap_solution":"Do not trust any user data in NGINX configs. In this case it is probably the use of the $host variable which is set from the 'Host' header and can be controlled by an attacker.","zap_otherinfo":"Based on the successful response status code cloud metadata may have been returned in the response. 
Check the response data to see if any cloud metadata has been returned.The meta data returned can include information that would allow an attacker to completely compromise the system.","zap_reference":"https://www.nginx.com/blog/trust-no-one-perils-of-trusting-user-input/","zap_cweid":"0","zap_wascid":"0","zap_riskcode":"3","zap_pluginid":"90034","zap_finding_urls":[{"uri":"http://juice-shop.default.svc:3000/latest/meta-data/","method":"POST","param":"","attack":"169.254.169.254","evidence":"","otherinfo":"Based on the successful response status code cloud metadata may have been returned in the response. Check the response data to see if any cloud metadata has been returned.\nThe meta data returned can include information that would allow an attacker to completely compromise the system."}]},"id":"3fc5f313-dbc2-4c3e-a696-234fdbc56d8c","parsed_at":"2024-12-02T18:25:04.128Z"},{"name":"SQL Injection - SQLite","description":"SQL injection may be possible.","hint":null,"category":"SQL Injection - SQLite","location":"http://juice-shop.default.svc:3000","osi_layer":"APPLICATION","severity":"HIGH","references":[{"type":"URL","value":"https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html"},{"type":"CWE","value":"CWE-89"},{"type":"URL","value":"https://cwe.mitre.org/data/definitions/89.html"}],"mitigation":"Do not trust client side input, even if there is client side validation in place.In general, type check all data on the server side.If the application uses JDBC, use PreparedStatement or CallableStatement, with parameters passed by '?'If the application uses ASP, use ADO Command Objects with strong type checking and parameterized queries.If database Stored Procedures can be used, use them.Do *not* concatenate strings into queries in the stored procedure, or use 'exec', 'exec immediate', or equivalent functionality!Do not create dynamic SQL queries using simple string concatenation.Escape all data received from the client.Apply an 'allow 
list' of allowed characters, or a 'deny list' of disallowed characters in user input.Apply the principle of least privilege by using the least privileged database user possible.In particular, avoid using the 'sa' or 'db-owner' database users. This does not eliminate SQL injection, but minimizes its impact.Grant the minimum database access that is necessary for the application.","attributes":{"hostname":"juice-shop.default.svc","port":"3000","zap_confidence":"2","zap_count":"2","zap_solution":"Do not trust client side input, even if there is client side validation in place.In general, type check all data on the server side.If the application uses JDBC, use PreparedStatement or CallableStatement, with parameters passed by '?'If the application uses ASP, use ADO Command Objects with strong type checking and parameterized queries.If database Stored Procedures can be used, use them.Do *not* concatenate strings into queries in the stored procedure, or use 'exec', 'exec immediate', or equivalent functionality!Do not create dynamic SQL queries using simple string concatenation.Escape all data received from the client.Apply an 'allow list' of allowed characters, or a 'deny list' of disallowed characters in user input.Apply the principle of least privilege by using the least privileged database user possible.In particular, avoid using the 'sa' or 'db-owner' database users. 
This does not eliminate SQL injection, but minimizes its impact.Grant the minimum database access that is necessary for the application.","zap_otherinfo":"RDBMS [SQLite] likely, given error message regular expression [SQLITE_ERROR] matched by the HTML results.The vulnerability was detected by manipulating the parameter to cause a database error message to be returned and recognised.","zap_reference":"https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html","zap_cweid":"89","zap_wascid":"19","zap_riskcode":"3","zap_pluginid":"40018","zap_finding_urls":[{"uri":"http://juice-shop.default.svc:3000/rest/products/search?q=%27%28","method":"GET","param":"q","attack":"'(","evidence":"SQLITE_ERROR","otherinfo":"RDBMS [SQLite] likely, given error message regular expression [SQLITE_ERROR] matched by the HTML results.\nThe vulnerability was detected by manipulating the parameter to cause a database error message to be returned and recognised."},{"uri":"http://juice-shop.default.svc:3000/rest/user/login","method":"POST","param":"email","attack":"'","evidence":"SQLITE_ERROR","otherinfo":"RDBMS [SQLite] likely, given error message regular expression [SQLITE_ERROR] matched by the HTML results.\nThe vulnerability was detected by manipulating the parameter to cause a database error message to be returned and recognised."}]},"id":"adfa3f73-7c5b-4289-943a-7b3e8e0aaf53","parsed_at":"2024-12-02T18:25:04.128Z"},{"name":"Content Security Policy (CSP) Header Not Set","description":"Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. 
CSP provides a set of standard HTTP headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page — covered types are JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.","hint":null,"category":"Content Security Policy (CSP) Header Not Set","location":"http://juice-shop.default.svc:3000","osi_layer":"APPLICATION","severity":"MEDIUM","references":[{"type":"URL","value":"https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policy"},{"type":"URL","value":"https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html"},{"type":"URL","value":"https://www.w3.org/TR/CSP/"},{"type":"URL","value":"https://w3c.github.io/webappsec-csp/"},{"type":"URL","value":"https://web.dev/articles/csp"},{"type":"URL","value":"https://caniuse.com/#feat=contentsecuritypolicy"},{"type":"URL","value":"https://content-security-policy.com/"},{"type":"CWE","value":"CWE-693"},{"type":"URL","value":"https://cwe.mitre.org/data/definitions/693.html"}],"mitigation":"Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header.","attributes":{"hostname":"juice-shop.default.svc","port":"3000","zap_confidence":"3","zap_count":"11","zap_solution":"Ensure that your web server, application server, load balancer, etc. 
is configured to set the Content-Security-Policy header.","zap_otherinfo":null,"zap_reference":"https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policyhttps://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.htmlhttps://www.w3.org/TR/CSP/https://w3c.github.io/webappsec-csp/https://web.dev/articles/csphttps://caniuse.com/#feat=contentsecuritypolicyhttps://content-security-policy.com/","zap_cweid":"693","zap_wascid":"15","zap_riskcode":"2","zap_pluginid":"10038","zap_finding_urls":[{"uri":"http://juice-shop.default.svc:3000","method":"GET","param":"","attack":"","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/","method":"GET","param":"","attack":"","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/ftp","method":"GET","param":"","attack":"","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/ftp/coupons_2013.md.bak","method":"GET","param":"","attack":"","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/ftp/eastere.gg","method":"GET","param":"","attack":"","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/ftp/encrypt.pyc","method":"GET","param":"","attack":"","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/ftp/package.json.bak","method":"GET","param":"","attack":"","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/ftp/suspicious_errors.yml","method":"GET","param":"","attack":"","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/juice-shop/build/routes/fileServer.js:15:13","method":"GET","param":"","attack":"","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/juice-shop/build/routes/fileServer.js:31:18","method":"GET","param":"","attack":"","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/sitemap.xml","method":"GET","param":"","attack":"","evidence":"","otherinfo":""}]},"id":"bc3d
70f8-cab5-4cf0-a7b8-5f01d668fba4","parsed_at":"2024-12-02T18:25:04.128Z"},{"name":"Cross-Domain Misconfiguration","description":"Web browser data loading may be possible, due to a Cross Origin Resource Sharing (CORS) misconfiguration on the web server.","hint":null,"category":"Cross-Domain Misconfiguration","location":"http://juice-shop.default.svc:3000","osi_layer":"APPLICATION","severity":"MEDIUM","references":[{"type":"URL","value":"https://vulncat.fortify.com/en/detail?id=desc.config.dotnet.html5_overly_permissive_cors_policy"},{"type":"CWE","value":"CWE-264"},{"type":"URL","value":"https://cwe.mitre.org/data/definitions/264.html"}],"mitigation":"Ensure that sensitive data is not available in an unauthenticated manner (using IP address white-listing, for instance).Configure the \"Access-Control-Allow-Origin\" HTTP header to a more restrictive set of domains, or remove all CORS headers entirely, to allow the web browser to enforce the Same Origin Policy (SOP) in a more restrictive manner.","attributes":{"hostname":"juice-shop.default.svc","port":"3000","zap_confidence":"2","zap_count":"11","zap_solution":"Ensure that sensitive data is not available in an unauthenticated manner (using IP address white-listing, for instance).Configure the \"Access-Control-Allow-Origin\" HTTP header to a more restrictive set of domains, or remove all CORS headers entirely, to allow the web browser to enforce the Same Origin Policy (SOP) in a more restrictive manner.","zap_otherinfo":"The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. 
This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.","zap_reference":"https://vulncat.fortify.com/en/detail?id=desc.config.dotnet.html5_overly_permissive_cors_policy","zap_cweid":"264","zap_wascid":"14","zap_riskcode":"2","zap_pluginid":"10098","zap_finding_urls":[{"uri":"http://juice-shop.default.svc:3000","method":"GET","param":"","attack":"","evidence":"Access-Control-Allow-Origin: *","otherinfo":"The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing."},{"uri":"http://juice-shop.default.svc:3000/","method":"GET","param":"","attack":"","evidence":"Access-Control-Allow-Origin: *","otherinfo":"The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing."},{"uri":"http://juice-shop.default.svc:3000/ftp","method":"GET","param":"","attack":"","evidence":"Access-Control-Allow-Origin: *","otherinfo":"The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. 
Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing."},{"uri":"http://juice-shop.default.svc:3000/main.js","method":"GET","param":"","attack":"","evidence":"Access-Control-Allow-Origin: *","otherinfo":"The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing."},{"uri":"http://juice-shop.default.svc:3000/polyfills.js","method":"GET","param":"","attack":"","evidence":"Access-Control-Allow-Origin: *","otherinfo":"The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing."},{"uri":"http://juice-shop.default.svc:3000/robots.txt","method":"GET","param":"","attack":"","evidence":"Access-Control-Allow-Origin: *","otherinfo":"The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. 
Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing."},{"uri":"http://juice-shop.default.svc:3000/runtime.js","method":"GET","param":"","attack":"","evidence":"Access-Control-Allow-Origin: *","otherinfo":"The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing."},{"uri":"http://juice-shop.default.svc:3000/sitemap.xml","method":"GET","param":"","attack":"","evidence":"Access-Control-Allow-Origin: *","otherinfo":"The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing."},{"uri":"http://juice-shop.default.svc:3000/styles.css","method":"GET","param":"","attack":"","evidence":"Access-Control-Allow-Origin: *","otherinfo":"The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. 
Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing."},{"uri":"http://juice-shop.default.svc:3000/vendor.js","method":"GET","param":"","attack":"","evidence":"Access-Control-Allow-Origin: *","otherinfo":"The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing."},{"uri":"http://juice-shop.default.svc:3000/rest/user/login","method":"POST","param":"","attack":"","evidence":"Access-Control-Allow-Origin: *","otherinfo":"The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. 
This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing."}]},"id":"23baa80e-4aa8-4379-b135-ad79010b728e","parsed_at":"2024-12-02T18:25:04.128Z"},{"name":"Cross-Domain JavaScript Source File Inclusion","description":"The page includes one or more script files from a third-party domain.","hint":null,"category":"Cross-Domain JavaScript Source File Inclusion","location":"http://juice-shop.default.svc:3000","osi_layer":"APPLICATION","severity":"LOW","references":[{"type":"CWE","value":"CWE-829"},{"type":"URL","value":"https://cwe.mitre.org/data/definitions/829.html"}],"mitigation":"Ensure JavaScript source files are loaded from only trusted sources, and the sources can't be controlled by end users of the application.","attributes":{"hostname":"juice-shop.default.svc","port":"3000","zap_confidence":"2","zap_count":"10","zap_solution":"Ensure JavaScript source files are loaded from only trusted sources, and the sources can't be controlled by end users of the application.","zap_otherinfo":null,"zap_reference":null,"zap_cweid":"829","zap_wascid":"15","zap_riskcode":"1","zap_pluginid":"10017","zap_finding_urls":[{"uri":"http://juice-shop.default.svc:3000","method":"GET","param":"//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js","attack":"","evidence":"<script src=\"//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js\"></script>","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000","method":"GET","param":"//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js","attack":"","evidence":"<script src=\"//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js\"></script>","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/","method":"GET","param":"//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js","attack":"","evidence":"<script 
src=\"//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js\"></script>","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/","method":"GET","param":"//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js","attack":"","evidence":"<script src=\"//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js\"></script>","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/juice-shop/build/routes/fileServer.js:15:13","method":"GET","param":"//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js","attack":"","evidence":"<script src=\"//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js\"></script>","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/juice-shop/build/routes/fileServer.js:15:13","method":"GET","param":"//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js","attack":"","evidence":"<script src=\"//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js\"></script>","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/juice-shop/build/routes/fileServer.js:31:18","method":"GET","param":"//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js","attack":"","evidence":"<script src=\"//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js\"></script>","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/juice-shop/build/routes/fileServer.js:31:18","method":"GET","param":"//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js","attack":"","evidence":"<script src=\"//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js\"></script>","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/sitemap.xml","method":"GET","param":"//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js","attack":"","evidence":"<script 
src=\"//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js\"></script>","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/sitemap.xml","method":"GET","param":"//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js","attack":"","evidence":"<script src=\"//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js\"></script>","otherinfo":""}]},"id":"6a53bcab-a05c-4901-b851-d8ff21e54aaa","parsed_at":"2024-12-02T18:25:04.128Z"},{"name":"Private IP Disclosure","description":"A private IP (such as 10.x.x.x, 172.x.x.x, 192.168.x.x) or an Amazon EC2 private hostname (for example, ip-10-0-56-78) has been found in the HTTP response body. This information might be helpful for further attacks targeting internal systems.","hint":null,"category":"Private IP Disclosure","location":"http://juice-shop.default.svc:3000","osi_layer":"APPLICATION","severity":"LOW","references":[{"type":"URL","value":"https://tools.ietf.org/html/rfc1918"},{"type":"CWE","value":"CWE-200"},{"type":"URL","value":"https://cwe.mitre.org/data/definitions/200.html"}],"mitigation":"Remove the private IP address from the HTTP response body. For comments, use JSP/ASP/PHP comment instead of HTML/JavaScript comment which can be seen by client browsers.","attributes":{"hostname":"juice-shop.default.svc","port":"3000","zap_confidence":"2","zap_count":"1","zap_solution":"Remove the private IP address from the HTTP response body. 
For comments, use JSP/ASP/PHP comment instead of HTML/JavaScript comment which can be seen by client browsers.","zap_otherinfo":"192.168.99.100:3000","zap_reference":"https://tools.ietf.org/html/rfc1918","zap_cweid":"200","zap_wascid":"13","zap_riskcode":"1","zap_pluginid":"2","zap_finding_urls":[{"uri":"http://juice-shop.default.svc:3000/rest/admin/application-configuration","method":"GET","param":"","attack":"","evidence":"192.168.99.100:3000","otherinfo":"192.168.99.100:3000\n"}]},"id":"5f0c294f-e72a-4853-93b3-60440b2ec92f","parsed_at":"2024-12-02T18:25:04.128Z"},{"name":"Timestamp Disclosure - Unix","description":"A timestamp was disclosed by the application/web server. - Unix","hint":null,"category":"Timestamp Disclosure - Unix","location":"http://juice-shop.default.svc:3000","osi_layer":"APPLICATION","severity":"LOW","references":[{"type":"URL","value":"https://cwe.mitre.org/data/definitions/200.html"},{"type":"CWE","value":"CWE-200"},{"type":"URL","value":"https://cwe.mitre.org/data/definitions/200.html"}],"mitigation":"Manually confirm that the timestamp data is not sensitive, and that the data cannot be aggregated to disclose exploitable patterns.","attributes":{"hostname":"juice-shop.default.svc","port":"3000","zap_confidence":"1","zap_count":"3","zap_solution":"Manually confirm that the timestamp data is not sensitive, and that the data cannot be aggregated to disclose exploitable patterns.","zap_otherinfo":"1734944650, which evaluates to: 2024-12-23 09:04:10.","zap_reference":"https://cwe.mitre.org/data/definitions/200.html","zap_cweid":"200","zap_wascid":"13","zap_riskcode":"1","zap_pluginid":"10096","zap_finding_urls":[{"uri":"http://juice-shop.default.svc:3000/main.js","method":"GET","param":"","attack":"","evidence":"1734944650","otherinfo":"1734944650, which evaluates to: 2024-12-23 
09:04:10."},{"uri":"http://juice-shop.default.svc:3000/rest/admin/application-configuration","method":"GET","param":"","attack":"","evidence":"1969196030","otherinfo":"1969196030, which evaluates to: 2032-05-26 14:53:50."},{"uri":"http://juice-shop.default.svc:3000/rest/admin/application-configuration","method":"GET","param":"","attack":"","evidence":"1970691216","otherinfo":"1970691216, which evaluates to: 2032-06-12 22:13:36."}]},"id":"21b92c09-94a9-49c6-ae0c-176185cf132b","parsed_at":"2024-12-02T18:25:04.128Z"},{"name":"Authentication Request Identified","description":"The given request has been identified as an authentication request. The 'Other Info' field contains a set of key=value lines which identify any relevant fields. If the request is in a context which has an Authentication Method set to \"Auto-Detect\" then this rule will change the authentication to match the request identified.","hint":null,"category":"Authentication Request Identified","location":"http://juice-shop.default.svc:3000","osi_layer":"APPLICATION","severity":"INFORMATIONAL","references":[{"type":"URL","value":"https://www.zaproxy.org/docs/desktop/addons/authentication-helper/auth-req-id/"}],"mitigation":"This is an informational alert rather than a vulnerability and so there is nothing to fix.","attributes":{"hostname":"juice-shop.default.svc","port":"3000","zap_confidence":"3","zap_count":"1","zap_solution":"This is an informational alert rather than a vulnerability and so there is nothing to 
fix.","zap_otherinfo":"userParam=emailuserValue=admin@juice-sh.oppasswordParam=password","zap_reference":"https://www.zaproxy.org/docs/desktop/addons/authentication-helper/auth-req-id/","zap_cweid":"-1","zap_wascid":"-1","zap_riskcode":"0","zap_pluginid":"10111","zap_finding_urls":[{"uri":"http://juice-shop.default.svc:3000/rest/user/login","method":"POST","param":"email","attack":"","evidence":"password","otherinfo":"userParam=email\nuserValue=admin@juice-sh.op\npasswordParam=password"}]},"id":"a323f7db-bae3-4753-b958-c236dfbbe7b4","parsed_at":"2024-12-02T18:25:04.128Z"},{"name":"Information Disclosure - Suspicious Comments","description":"The response appears to contain suspicious comments which may help an attacker. Note: Matches made within script blocks or files are against the entire content not only comments.","hint":null,"category":"Information Disclosure - Suspicious Comments","location":"http://juice-shop.default.svc:3000","osi_layer":"APPLICATION","severity":"INFORMATIONAL","references":[{"type":"CWE","value":"CWE-200"},{"type":"URL","value":"https://cwe.mitre.org/data/definitions/200.html"}],"mitigation":"Remove all comments that return information that may help an attacker and fix any underlying problems they refer to.","attributes":{"hostname":"juice-shop.default.svc","port":"3000","zap_confidence":"1","zap_count":"3","zap_solution":"Remove all comments that return information that may help an attacker and fix any underlying problems they refer to.","zap_otherinfo":"The following pattern was used: \\bQUERY\\b and was detected in the element starting with: \"\"use strict\";(self.webpackChunkfrontend=self.webpackChunkfrontend||[]).push([[179],{902:(at,Bt,p)=>{var J=p(2313),t=p(5e3),k=p(5\", see evidence field for the suspicious 
comment/snippet.","zap_reference":null,"zap_cweid":"200","zap_wascid":"13","zap_riskcode":"0","zap_pluginid":"10027","zap_finding_urls":[{"uri":"http://juice-shop.default.svc:3000/main.js","method":"GET","param":"","attack":"","evidence":"query","otherinfo":"The following pattern was used: \\bQUERY\\b and was detected in the element starting with: \"\"use strict\";(self.webpackChunkfrontend=self.webpackChunkfrontend||[]).push([[179],{902:(at,Bt,p)=>{var J=p(2313),t=p(5e3),k=p(5\", see evidence field for the suspicious comment/snippet."},{"uri":"http://juice-shop.default.svc:3000/polyfills.js","method":"GET","param":"","attack":"","evidence":"select","otherinfo":"The following pattern was used: \\bSELECT\\b and was detected in the element starting with: \"(self.webpackChunkfrontend=self.webpackChunkfrontend||[]).push([[429],{7435:(s,g,e)=>{\"use strict\";e(5672),e(7181),window.global\", see evidence field for the suspicious comment/snippet."},{"uri":"http://juice-shop.default.svc:3000/vendor.js","method":"GET","param":"","attack":"","evidence":"query","otherinfo":"The following pattern was used: \\bQUERY\\b and was detected in the element starting with: \"(self.webpackChunkfrontend=self.webpackChunkfrontend||[]).push([[736],{9187:(gt,ce,u)=>{\"use strict\";u.d(ce,{ne:()=>Be,Xy:()=>fe\", see evidence field for the suspicious comment/snippet."}]},"id":"933b3568-7e08-4cc9-aa27-4424ee55c976","parsed_at":"2024-12-02T18:25:04.128Z"},{"name":"Modern Web Application","description":"The application appears to be a modern web application. 
If you need to explore it automatically then the Ajax Spider may well be more effective than the standard one.","hint":null,"category":"Modern Web Application","location":"http://juice-shop.default.svc:3000","osi_layer":"APPLICATION","severity":"INFORMATIONAL","references":null,"mitigation":"This is an informational alert and so no changes are required.","attributes":{"hostname":"juice-shop.default.svc","port":"3000","zap_confidence":"2","zap_count":"11","zap_solution":"This is an informational alert and so no changes are required.","zap_otherinfo":"No links have been found while there are scripts, which is an indication that this is a modern web application.","zap_reference":null,"zap_cweid":"-1","zap_wascid":"-1","zap_riskcode":"0","zap_pluginid":"10109","zap_finding_urls":[{"uri":"http://juice-shop.default.svc:3000","method":"GET","param":"","attack":"","evidence":"<script src=\"//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js\"></script>","otherinfo":"No links have been found while there are scripts, which is an indication that this is a modern web application."},{"uri":"http://juice-shop.default.svc:3000/","method":"GET","param":"","attack":"","evidence":"<script src=\"//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js\"></script>","otherinfo":"No links have been found while there are scripts, which is an indication that this is a modern web application."},{"uri":"http://juice-shop.default.svc:3000/juice-shop/build/routes/fileServer.js:15:13","method":"GET","param":"","attack":"","evidence":"<script src=\"//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js\"></script>","otherinfo":"No links have been found while there are scripts, which is an indication that this is a modern web application."},{"uri":"http://juice-shop.default.svc:3000/juice-shop/build/routes/fileServer.js:31:18","method":"GET","param":"","attack":"","evidence":"<script 
src=\"//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js\"></script>","otherinfo":"No links have been found while there are scripts, which is an indication that this is a modern web application."},{"uri":"http://juice-shop.default.svc:3000/juice-shop/node_modules/express/lib/router/index.js:284:7","method":"GET","param":"","attack":"","evidence":"<script src=\"//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js\"></script>","otherinfo":"No links have been found while there are scripts, which is an indication that this is a modern web application."},{"uri":"http://juice-shop.default.svc:3000/juice-shop/node_modules/express/lib/router/index.js:317:13","method":"GET","param":"","attack":"","evidence":"<script src=\"//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js\"></script>","otherinfo":"No links have been found while there are scripts, which is an indication that this is a modern web application."},{"uri":"http://juice-shop.default.svc:3000/juice-shop/node_modules/express/lib/router/index.js:354:14","method":"GET","param":"","attack":"","evidence":"<script src=\"//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js\"></script>","otherinfo":"No links have been found while there are scripts, which is an indication that this is a modern web application."},{"uri":"http://juice-shop.default.svc:3000/juice-shop/node_modules/express/lib/router/index.js:365:14","method":"GET","param":"","attack":"","evidence":"<script src=\"//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js\"></script>","otherinfo":"No links have been found while there are scripts, which is an indication that this is a modern web application."},{"uri":"http://juice-shop.default.svc:3000/juice-shop/node_modules/express/lib/router/layer.js:95:5","method":"GET","param":"","attack":"","evidence":"<script 
src=\"//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js\"></script>","otherinfo":"No links have been found while there are scripts, which is an indication that this is a modern web application."},{"uri":"http://juice-shop.default.svc:3000/juice-shop/node_modules/serve-index/index.js:145:39","method":"GET","param":"","attack":"","evidence":"<script src=\"//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js\"></script>","otherinfo":"No links have been found while there are scripts, which is an indication that this is a modern web application."},{"uri":"http://juice-shop.default.svc:3000/sitemap.xml","method":"GET","param":"","attack":"","evidence":"<script src=\"//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js\"></script>","otherinfo":"No links have been found while there are scripts, which is an indication that this is a modern web application."}]},"id":"a24f455e-2824-4d61-8900-df5a52eb3d68","parsed_at":"2024-12-02T18:25:04.128Z"},{"name":"Session Management Response Identified","description":"The given response has been identified as containing a session management token. The 'Other Info' field contains a set of header tokens that can be used in the Header Based Session Management Method. 
If the request is in a context which has a Session Management Method set to \"Auto-Detect\" then this rule will change the session management to use the tokens identified.","hint":null,"category":"Session Management Response Identified","location":"http://juice-shop.default.svc:3000","osi_layer":"APPLICATION","severity":"INFORMATIONAL","references":[{"type":"URL","value":"https://www.zaproxy.org/docs/desktop/addons/authentication-helper/session-mgmt-id"}],"mitigation":"This is an informational alert rather than a vulnerability and so there is nothing to fix.","attributes":{"hostname":"juice-shop.default.svc","port":"3000","zap_confidence":"2","zap_count":"1","zap_solution":"This is an informational alert rather than a vulnerability and so there is nothing to fix.","zap_otherinfo":"json:authentication.token","zap_reference":"https://www.zaproxy.org/docs/desktop/addons/authentication-helper/session-mgmt-id","zap_cweid":"-1","zap_wascid":"-1","zap_riskcode":"0","zap_pluginid":"10112","zap_finding_urls":[{"uri":"http://juice-shop.default.svc:3000/rest/user/login","method":"POST","param":"authentication.token","attack":"","evidence":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.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.QFrwmXEl1xIMWPWnZyGmO0aRfzfNjQoZbN3cm1Gfp9KegN9mShI8I-X9wF_ZigNb_EGyvcvmxJcabpD_v_tc91HbvgN6oK_oXGeh76RzhyognIUOeubhor8SmoD33278yq_WJ8GMPH_Y7OMb4kLyVWhXoYrsk2JT6b7KXI9l8sY","otherinfo":"\njson:authentication.token"}]},"id":"d7bab8fb-0daf-42f2-98ee-e378c68b67c2","parsed_at":"2024-12-02T18:25:04.129Z"},{"name":"User Agent Fuzzer","description":"Check for differences in response based on fuzzed User Agent (eg. mobile sites, access as a Search Engine Crawler). 
Compares the response statuscode and the hashcode of the response body with the original response.","hint":null,"category":"User Agent Fuzzer","location":"http://juice-shop.default.svc:3000","osi_layer":"APPLICATION","severity":"INFORMATIONAL","references":[{"type":"URL","value":"https://owasp.org/wstg"},{"type":"CWE","value":"CWE-0"},{"type":"URL","value":"https://cwe.mitre.org/data/definitions/0.html"}],"mitigation":null,"attributes":{"hostname":"juice-shop.default.svc","port":"3000","zap_confidence":"2","zap_count":"72","zap_solution":null,"zap_otherinfo":null,"zap_reference":"https://owasp.org/wstg","zap_cweid":"0","zap_wascid":"0","zap_riskcode":"0","zap_pluginid":"10104","zap_finding_urls":[{"uri":"http://juice-shop.default.svc:3000/assets","method":"GET","param":"Header User-Agent","attack":"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/assets","method":"GET","param":"Header User-Agent","attack":"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/assets","method":"GET","param":"Header User-Agent","attack":"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/assets","method":"GET","param":"Header User-Agent","attack":"Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/assets","method":"GET","param":"Header User-Agent","attack":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/assets","method":"GET","param":"Header User-Agent","attack":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 
Safari/537.36","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/assets","method":"GET","param":"Header User-Agent","attack":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/assets","method":"GET","param":"Header User-Agent","attack":"Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/assets","method":"GET","param":"Header User-Agent","attack":"Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/assets","method":"GET","param":"Header User-Agent","attack":"Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/assets","method":"GET","param":"Header User-Agent","attack":"Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/assets","method":"GET","param":"Header User-Agent","attack":"msnbot/1.1 (+http://search.msn.com/msnbot.htm)","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/assets/i18n","method":"GET","param":"Header User-Agent","attack":"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/assets/i18n","method":"GET","param":"Header User-Agent","attack":"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/assets/i18n","method":"GET","param":"Header User-Agent","attack":"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 
6.1)","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/assets/i18n","method":"GET","param":"Header User-Agent","attack":"Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/assets/i18n","method":"GET","param":"Header User-Agent","attack":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/assets/i18n","method":"GET","param":"Header User-Agent","attack":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/assets/i18n","method":"GET","param":"Header User-Agent","attack":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/assets/i18n","method":"GET","param":"Header User-Agent","attack":"Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/assets/i18n","method":"GET","param":"Header User-Agent","attack":"Mozilla/5.0 (compatible; Yahoo! 
Slurp; http://help.yahoo.com/help/us/ysearch/slurp)","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/assets/i18n","method":"GET","param":"Header User-Agent","attack":"Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/assets/i18n","method":"GET","param":"Header User-Agent","attack":"Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/assets/i18n","method":"GET","param":"Header User-Agent","attack":"msnbot/1.1 (+http://search.msn.com/msnbot.htm)","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/captcha","method":"GET","param":"Header User-Agent","attack":"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/captcha","method":"GET","param":"Header User-Agent","attack":"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/captcha","method":"GET","param":"Header User-Agent","attack":"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/captcha","method":"GET","param":"Header User-Agent","attack":"Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/captcha","method":"GET","param":"Header User-Agent","attack":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/captcha","method":"GET","param":"Header 
User-Agent","attack":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/captcha","method":"GET","param":"Header User-Agent","attack":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/captcha","method":"GET","param":"Header User-Agent","attack":"Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/captcha","method":"GET","param":"Header User-Agent","attack":"Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/captcha","method":"GET","param":"Header User-Agent","attack":"Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/captcha","method":"GET","param":"Header User-Agent","attack":"Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/captcha","method":"GET","param":"Header User-Agent","attack":"msnbot/1.1 (+http://search.msn.com/msnbot.htm)","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/captcha/","method":"GET","param":"Header User-Agent","attack":"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/captcha/","method":"GET","param":"Header User-Agent","attack":"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 
6.0)","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/captcha/","method":"GET","param":"Header User-Agent","attack":"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/captcha/","method":"GET","param":"Header User-Agent","attack":"Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/captcha/","method":"GET","param":"Header User-Agent","attack":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/captcha/","method":"GET","param":"Header User-Agent","attack":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/captcha/","method":"GET","param":"Header User-Agent","attack":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/captcha/","method":"GET","param":"Header User-Agent","attack":"Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/captcha/","method":"GET","param":"Header User-Agent","attack":"Mozilla/5.0 (compatible; Yahoo! 
Slurp; http://help.yahoo.com/help/us/ysearch/slurp)","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/captcha/","method":"GET","param":"Header User-Agent","attack":"Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/captcha/","method":"GET","param":"Header User-Agent","attack":"Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/captcha/","method":"GET","param":"Header User-Agent","attack":"msnbot/1.1 (+http://search.msn.com/msnbot.htm)","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/languages","method":"GET","param":"Header User-Agent","attack":"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/languages","method":"GET","param":"Header User-Agent","attack":"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/languages","method":"GET","param":"Header User-Agent","attack":"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/languages","method":"GET","param":"Header User-Agent","attack":"Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/languages","method":"GET","param":"Header User-Agent","attack":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/languages","method":"GET","param":"Header 
User-Agent","attack":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/languages","method":"GET","param":"Header User-Agent","attack":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/languages","method":"GET","param":"Header User-Agent","attack":"Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/languages","method":"GET","param":"Header User-Agent","attack":"Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/languages","method":"GET","param":"Header User-Agent","attack":"Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/languages","method":"GET","param":"Header User-Agent","attack":"Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/languages","method":"GET","param":"Header User-Agent","attack":"msnbot/1.1 (+http://search.msn.com/msnbot.htm)","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/user/login","method":"POST","param":"Header User-Agent","attack":"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/user/login","method":"POST","param":"Header User-Agent","attack":"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 
6.0)","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/user/login","method":"POST","param":"Header User-Agent","attack":"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/user/login","method":"POST","param":"Header User-Agent","attack":"Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/user/login","method":"POST","param":"Header User-Agent","attack":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/user/login","method":"POST","param":"Header User-Agent","attack":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/user/login","method":"POST","param":"Header User-Agent","attack":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/user/login","method":"POST","param":"Header User-Agent","attack":"Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/user/login","method":"POST","param":"Header User-Agent","attack":"Mozilla/5.0 (compatible; Yahoo! 
Slurp; http://help.yahoo.com/help/us/ysearch/slurp)","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/user/login","method":"POST","param":"Header User-Agent","attack":"Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/user/login","method":"POST","param":"Header User-Agent","attack":"Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16","evidence":"","otherinfo":""},{"uri":"http://juice-shop.default.svc:3000/rest/user/login","method":"POST","param":"Header User-Agent","attack":"msnbot/1.1 (+http://search.msn.com/msnbot.htm)","evidence":"","otherinfo":""}]},"id":"bc0215f5-ceba-46cd-b82d-ea68fdcdd6e5","parsed_at":"2024-12-02T18:25:04.129Z"}]
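The array above is a secureCodeBox export of OWASP ZAP alerts against Juice Shop: every record carries `name`, `severity`, `category`, `location` and an `attributes` object whose `zap_pluginid` identifies the ZAP rule and whose `zap_finding_urls` lists each request the rule fired on. The following triage script is an added example, not code from this repository or from secureCodeBox. It assumes only the field names visible in the file; the sample records it embeds are constructed to mirror three of the findings on this page (the real file is not read), and the JWT inside the sample is a fabricated token whose header is the same `{"typ":"JWT","alg":"RS256"}` as the one ZAP captured, decoded here only to report the algorithm, never verified.

```python
"""Triage helper for a secureCodeBox/ZAP findings.json export.

Added example; not part of the scanned project or of secureCodeBox.
Assumes the field layout seen in findings.json: name, severity, category,
location, attributes.zap_pluginid and attributes.zap_finding_urls[] with
uri / method / param / attack / evidence.
"""
import base64
import json
from collections import Counter, defaultdict

# Constructed sample modelled on records in findings.json (not the real file).
SAMPLE_FINDINGS = json.dumps([
    {"name": "Cloud Metadata Potentially Exposed", "severity": "HIGH",
     "category": "Cloud Metadata Potentially Exposed",
     "location": "http://juice-shop.default.svc:3000",
     "attributes": {"zap_pluginid": "90034", "zap_finding_urls": [
         {"uri": "http://juice-shop.default.svc:3000/latest/meta-data/",
          "method": "POST", "param": "", "attack": "169.254.169.254", "evidence": ""}]}},
    {"name": "Session Management Response Identified", "severity": "INFORMATIONAL",
     "category": "Session Management Response Identified",
     "location": "http://juice-shop.default.svc:3000",
     "attributes": {"zap_pluginid": "10112", "zap_finding_urls": [
         {"uri": "http://juice-shop.default.svc:3000/rest/user/login",
          "method": "POST", "param": "authentication.token", "attack": "",
          # fabricated token: header {"typ":"JWT","alg":"RS256"}, dummy payload and signature
          "evidence": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJ0ZXN0In0.c2ln"}]}},
    {"name": "User Agent Fuzzer", "severity": "INFORMATIONAL",
     "category": "User Agent Fuzzer",
     "location": "http://juice-shop.default.svc:3000",
     "attributes": {"zap_pluginid": "10104", "zap_finding_urls": [
         {"uri": "http://juice-shop.default.svc:3000/rest/captcha", "method": "GET",
          "param": "Header User-Agent", "attack": "msnbot/1.1 (+http://search.msn.com/msnbot.htm)", "evidence": ""},
         {"uri": "http://juice-shop.default.svc:3000/rest/captcha", "method": "GET",
          "param": "Header User-Agent", "attack": "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)", "evidence": ""},
         {"uri": "http://juice-shop.default.svc:3000/rest/languages", "method": "GET",
          "param": "Header User-Agent", "attack": "msnbot/1.1 (+http://search.msn.com/msnbot.htm)", "evidence": ""}]}},
])

SEVERITY_ORDER = ["HIGH", "MEDIUM", "LOW", "INFORMATIONAL"]


def load_findings(text):
    """Parse the findings array and reject records without a usable name/severity."""
    findings = json.loads(text)
    if not isinstance(findings, list):
        raise ValueError("findings.json must be a JSON array")
    for f in findings:
        if "name" not in f or f.get("severity") not in SEVERITY_ORDER:
            raise ValueError("malformed finding: %r" % f.get("name"))
    return findings


def count_by_severity(findings):
    """Severity histogram in fixed order so reports are comparable between scans."""
    counts = Counter(f["severity"] for f in findings)
    return {s: counts.get(s, 0) for s in SEVERITY_ORDER}


def actionable(findings, minimum="MEDIUM"):
    """Findings at or above the given severity, highest first."""
    cutoff = SEVERITY_ORDER.index(minimum)
    keep = [f for f in findings if SEVERITY_ORDER.index(f["severity"]) <= cutoff]
    return sorted(keep, key=lambda f: SEVERITY_ORDER.index(f["severity"]))


def affected_uris(finding):
    """Distinct URIs a rule fired on, with the sorted attack strings used on each."""
    per_uri = defaultdict(set)
    for hit in finding.get("attributes", {}).get("zap_finding_urls", []):
        per_uri[hit["uri"]].add(hit.get("attack", ""))
    return {uri: sorted(attacks) for uri, attacks in per_uri.items()}


def _b64url_decode(part):
    # JWT segments drop base64url padding; restore it before decoding
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))


def jwt_algorithms(findings):
    """For ZAP rule 10112 (session token identified) read the alg claimed in each token header.

    The header is decoded, not verified: an alg of 'none', or an HMAC alg where
    the server is expected to sign with RSA/EC, is a lead for manual review.
    """
    result = {}
    for f in findings:
        if f.get("attributes", {}).get("zap_pluginid") != "10112":
            continue
        for hit in f["attributes"].get("zap_finding_urls", []):
            parts = hit.get("evidence", "").split(".")
            if len(parts) != 3:
                continue  # not a compact JWS; ignore
            header = json.loads(_b64url_decode(parts[0]))
            result[hit["uri"]] = header.get("alg", "unknown")
    return result


if __name__ == "__main__":
    fs = load_findings(SAMPLE_FINDINGS)
    print(count_by_severity(fs))
    for f in actionable(fs):
        print(f["severity"], f["name"], affected_uris(f))
    print(jwt_algorithms(fs))
```

To run it over the real export, replace `SAMPLE_FINDINGS` with `open("findings.json").read()`; the informational rules (10104, 10109, 10112) fall out of `actionable()` while `affected_uris()` still collapses the 72 User-Agent fuzzer hits to one line per endpoint.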