eb app vulnerability challenge tra Credit Opportunity! is lab will be done entirely on your own computer (not the Kali instance) using Docker. If you haven't used Docker before, then I think you will find that Docker is an indispensable tool that you will nt to learn more about. 1. Install Docker 2. Open a command line / terminal window 3. To get the environment for this lab, issue the command: 1. docker pull psiinon/bodgeit 4. To access the Bodgelt Store use: 1. docker run --rm -p 8080:8080 -i -t psiinon/bodgeit 2. And then point your browser at http://localhost:8080/bodgeit this capture the flag game you will be using your web application skills to complete several challenges. All of the changes are listed on the website under http://localhost:8080/bodgeit/score.jsp ill give you 17 extra credit points for each challenge you complete (if you complete all challenges you will receive 204 extra credit points, which equals two extra lab credits). re is the list of challenges. Once you complete the challenge the circle turns green. Your Score Here are at least some of the vulnerabilities that you can try and exploit: Challenge Done? Login as test@thebodgeitstore.com Login as user1@thebodgeitstore.com Login as admin@thebodgeitstore.com Find hidden content as a non admin user Find diagnostic data Level 1: Display a popup using: . Level 2: Display a popup using: Access someone elses basket Get the store to owe you money Change your password via a GET request Conquer AES encryption, and display a popup using: Conquer AES encryption and append a list of table names to the normal results. rn in a screenshot of your scoreboard for credit. ....

Please perform all the challenges in docker and send screenshot. At the end it will show all green.

Transcribed Image Text:

Web app vulnerability challenge Extra Credit Opportunity! This lab will be done entirely on your own computer (not the Kali instance) using Docker. If you haven't used Docker before, then I think you will find that Docker is an indispensable tool that you will want to learn more about. 1. Install Docker 2. Open a command line / terminal window 3. To get the environment for this lab, issue the command: 1. docker pull psiinon/bodgeit 4. To access the Bodgelt Store use: 1. docker run --rm -p 8080:8080 -i -t psiinon/bodgeit 2. And then point your browser at http://localhost:8080/bodgeit In this capture the flag game you will be using your web application skills to complete several challenges. All of the changes are listed on the website under http://localhost:8080/bodgeit/score.jsp I will give you 17 extra credit points for each challenge you complete (if you complete all challenges you will receive 204 extra credit points, which equals two extra lab credits). Here is the list of challenges. Once you complete the challenge the circle turns green. Your Score Here are at least some of the vulnerabilities that you can try and exploit: Challenge Done? Login as test@thebodgeitstore.com Login as user1@thebodgeitstore.com Login as admin@thebodgeitstore.com Find hidden content as a non admin user Find diagnostic data Level 1: Display a popup using: <script>alert("XSS")</script>. Level 2: Display a popup using: <script>alert("XSS")</script> Access someone elses basket Get the store to owe you money Change your password via a GET request Conquer AES encryption, and display a popup using: <script>alert("H@cked A3S")</script> Conquer AES encryption and append a list of table names to the normal results. Turn in a screenshot of your scoreboard for credit.