# Kali Linux Juice Shop Pentest Course: Section 1/5 – Introduction

## Installation and Configuration on Kali Linux

Juice Shop is a modern, vulnerable web application designed to be an educational tool for security enthusiasts and professionals. Working with Juice Shop on Kali Linux offers a robust environment for penetration testing, allowing users to simulate attacks and discover security vulnerabilities in a controlled setting. This section will guide you through the installation and configuration process on Kali Linux.

### Prerequisites

Before starting with the installation, ensure you have:

1. **Kali Linux Installed**: The latest version of Kali Linux is recommended. You can download it from the [official Kali website](https://www.kali.org/downloads/).
2. **Basic Understanding of Terminal Commands**: Familiarity with Linux command line is essential for navigating and executing commands.

### Step 1: Update Your System

To ensure your Kali Linux environment is up-to-date, open a terminal and run the following commands:

```bash
sudo apt update && sudo apt upgrade -y
```

This command updates the package index and upgrades any outdated packages.

### Step 2: Install Node.js and NPM

Juice Shop is built with Node.js, so you need to install it along with npm (Node Package Manager). Execute the following commands:

```bash
sudo apt install nodejs npm -y
```

To verify the installation, check the installed versions:

```bash
node -v
npm -v
```

### Step 3: Clone the Juice Shop Repository

Next, clone the Juice Shop repository from GitHub. This will download the latest version of the application.

```bash
git clone https://github.com/OWASP/juice-shop.git
```

Navigate into the cloned directory:

```bash
cd juice-shop
```

### Step 4: Install Dependencies

Once inside the Juice Shop directory, install the necessary dependencies with npm:

```bash
npm install
```

This command reads the `package.json` file and installs all the dependencies required to run the Juice Shop application.

### Step 5: Start the Juice Shop Application

After the installation is complete, start the Juice Shop application using the following command:

```bash
npm start
```

By default, Juice Shop will run on `http://localhost:3000`. You can access it from your web browser to ensure everything is working correctly.

## Step-by-Step Usage and Real-World Use Cases

With Juice Shop installed and running, you can start exploring its features and vulnerabilities. This section will provide a detailed walkthrough of navigating the application, identifying vulnerabilities, and conducting penetration testing.

### Navigating the Juice Shop Application

Upon accessing `http://localhost:3000`, you will see the Juice Shop interface, resembling an e-commerce website. Familiarizing yourself with the different sections of the application is crucial, as this will aid in identifying potential security issues.

#### Key Sections of Juice Shop

1. **Product Listings**: View different products available for purchase.
2. **Shopping Cart**: Add products to your cart and proceed to checkout.
3. **User Registration/Login**: Create a new account or log in to an existing one.
4. **Admin Interface**: Accessible only with the right credentials, but it contains sensitive functionality.

### Real-World Use Cases

Juice Shop serves as an excellent platform to practice penetration testing techniques in real-world scenarios. Below are some common vulnerabilities you may explore:

#### 1. SQL Injection

SQL Injection (SQLi) is one of the most critical vulnerabilities that can expose databases to unauthorized access. In Juice Shop, you can perform SQL injection in the login form.

**Example**: Attempt to log in with the following input:

- **Email**: `[email protected]' OR '1'='1`
- **Password**: `anything`

If the application concatenates this input into its SQL query without proper validation, the injected condition makes the query match and the application returns user details it should not.

#### 2. Cross-Site Scripting (XSS)

XSS vulnerabilities allow attackers to inject malicious scripts into web pages viewed by other users. Juice Shop has multiple areas where you can test for XSS.

**Example**: Use the product search box to input:

```javascript

```

If executed, this script will display an alert, indicating the presence of an XSS vulnerability.

#### 3. Insecure Direct Object References (IDOR)

IDOR occurs when an application exposes a direct reference to an internal object (for example, a database ID in a URL) and does not check that the requester is authorized to access it. To test for IDOR in Juice Shop, try to access the URL directly:

```
http://localhost:3000/api/products/1
```

Change the product ID to see if you can access unauthorized products.

### Detailed Technical Explanations

#### Understanding Vulnerabilities

1. **SQL Injection**:
   - SQLi exploits an application that builds SQL queries from unvalidated user input, allowing an attacker to inject their own SQL into the query.
   - For mitigation, always use parameterized queries or prepared statements so that user input is treated as data, never as part of the SQL statement.

2. **Cross-Site Scripting**:
   - XSS allows attackers to execute scripts in a user's browser, potentially stealing cookies or session data.
   - To protect against XSS, ensure proper validation of user input and context-aware encoding of output. Use Content Security Policy (CSP) headers to restrict the sources from which scripts may load.

3. **Insecure Direct Object References**:
   - IDOR vulnerabilities occur when an attacker can manipulate an object reference (such as an ID in a URL) to access data belonging to someone else.
   - Implement authorization checks that validate the requesting user's permissions on the specific object before returning it.

### External Reference Links

For further reading and a deeper understanding of the vulnerabilities and how to exploit them, refer to the following resources:

- [OWASP Cheat Sheet Series](https://cheatsheetseries.owasp.org/)
- [OWASP Top Ten 2021](https://owasp.org/www-project-top-ten/)
- [SQL Injection](https://www.owasp.org/index.php/SQL_Injection)
- [Cross-Site Scripting](https://owasp.org/www-community/attacks/xss/)
- [Insecure Direct Object Reference](https://owasp.org/www-community/attacks/IDOR)

### Code Examples

#### SQL Injection Example in Markdown

```sql
-- Attempt to bypass login authentication using SQL Injection
' OR '1'='1' --
```

#### XSS Example in Markdown

```html

```

#### Accessing API with IDOR

```bash
# Using curl to exploit IDOR
curl http://localhost:3000/api/products/1
```

## Conclusion

In this section, you learned about the installation and configuration of Juice Shop on Kali Linux. You explored various vulnerabilities that you can test within the application, along with step-by-step usage and real-world use cases. Familiarity with these concepts will lay the foundation for the rest of the course and empower you to master penetration testing with Juice Shop.

Made by pablo rotem / פבלו רותם

Pablo Guides