Secure Code Review - Juice Shop

Description

OWASP's Juice Shop is one of the most famous insecure web applications around. You may have heard of it; you may even have spent significant time hacking it. But have you ever dug deeper? Have you ever looked under the hood at what makes it so insecure?
Join Joshua Beck, a Staff Application Security Engineer with John Deere, as he dives head-first into the insecure, fruit-scented waters of the Juice Shop: walking through the code and comparing it to what the user sees on the front end, giving the audience a complete picture of the life cycle of a vulnerability in a target system.

Detailed Overview

https://github.com/juice-shop/juice-shop
The OWASP Juice Shop is a deliberately vulnerable web application. It contains (among other things) a web front end the user interacts with and a gamified portion that tracks and gives feedback on the vulnerabilities found. These two pieces can be explored together to understand how the application works at a fundamental level, and can be walked through to explain in more detail how a vulnerability exists and can be found within a code base.

The presentation starts by examining the server.ts file of this application, which registers many of the API routes the web front end uses. The presenter will show on the web front end how these endpoints are called, and then begin a walkthrough of some of the vulnerable elements.
https://github.com/juice-shop/juice-shop/blob/b156c969d7bc8f24544f162f482c6285f58b4285/server.ts#L69

After discussing the initial server file, the presenter will walk through the complete lifecycle of a vulnerability: submitting a malicious payload to the website, showing the vulnerable output, then walking through the code base to understand what went wrong and where in the code the vulnerability really lives.

As an example, the presenter will show off vulnerable code snippets like this:
https://github.com/juice-shop/juice-shop/blob/b156c969d7bc8f24544f162f482c6285f58b4285/routes/search.ts#L23

The linked line is a SQL injection vulnerability, reachable through the search functionality on the website.

After this walkthrough, the presenter will walk through how to secure the aforementioned examples, and will wrap up with general secure coding advice such as:

1. Validating and sanitizing inputs.
2. Designing architectures that are more secure from the start.
3. Security-focused testing and code review.
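To make the search-route SQL injection and its fix concrete, here is an added illustration in JavaScript; it is not the Juice Shop project's own code, and the query shape, table name and column names are assumptions. It places a string-built search query beside a parameterized one and adds the review check a code reviewer can apply: the SQL text a route emits must not change with the user's input.

```javascript
// Added illustration (not Juice Shop's code): a product search query built
// two ways. Table and column names are assumed for the example.

// Vulnerable pattern: the search term is spliced into the SQL text, so the
// data the user controls also decides the statement's structure.
function buildSearchVulnerable(criteria) {
  return {
    sql: "SELECT * FROM Products WHERE name LIKE '%" + criteria + "%' " +
         "AND deletedAt IS NULL",
    params: [],
  };
}

// Hardened pattern: the SQL text is a constant; the term travels separately
// as a bound parameter and can never become part of the statement.
function buildSearchSafe(criteria) {
  return {
    sql: "SELECT * FROM Products WHERE name LIKE ? AND deletedAt IS NULL",
    params: ["%" + criteria + "%"],
  };
}

// Review check: feed two different inputs to a query builder. If the SQL
// text differs, input is shaping the statement, which is the root cause of
// SQL injection regardless of which payload eventually triggers it.
function sqlTextDependsOnInput(builder, inputA, inputB) {
  return builder(inputA).sql !== builder(inputB).sql;
}

// A cheap structural symptom: single quotes in the emitted SQL should pair
// up. An odd count means the data has broken out of its string literal.
function hasBalancedQuotes(sql) {
  return (sql.match(/'/g) || []).length % 2 === 0;
}

// Constructed sample inputs: an ordinary term and a legitimate value that
// happens to contain a quote (a product named after an O'Brien). No exploit
// payload is needed to show the defect; ordinary data already reveals it.
const ORDINARY = "apple";
const QUOTED = "O'Brien";

console.log("vulnerable SQL changes with input:",
  sqlTextDependsOnInput(buildSearchVulnerable, ORDINARY, QUOTED)); // true
console.log("safe SQL changes with input:",
  sqlTextDependsOnInput(buildSearchSafe, ORDINARY, QUOTED));       // false
console.log("vulnerable quotes balanced for quoted input:",
  hasBalancedQuotes(buildSearchVulnerable(QUOTED).sql));           // false
```

The same two checks transfer to any route under review: a builder whose emitted SQL is independent of its arguments is using parameters correctly, and one whose output drifts with the data needs the fix shown in buildSearchSafe.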

NOTE: This presentation can be pitched at either a beginner or an intermediate level, depending on conference needs. It can also be extended into a longer interactive workshop, as the length is flexible and audiences tend to enjoy spending time working with the Juice Shop site.

Joshua Beck

Application Security Engineer

Raleigh, North Carolina, United States
