The Testing feature can also be used to test for Broken Authentication vulnerabilities.
1. Create Test
You can create a Broken Authentication test from the JUICE_SHOP_BROKEN_AUTHENTICATION template. Go to the Endpoints page in the Metlo Web App and search for the endpoint /rest/user/login. Next, go to the Endpoint Overview page for that endpoint and click on the Tests tab. Now, click Generate Test and select JUICE_SHOP_BROKEN_AUTHENTICATION from the drop-down menu. Once you are on the testing page, in the YAML test editor, replace the email field of the 2nd request with the value firstname.lastname@example.org and its password field with the value password. Then replace the email field of the 3rd request with the value ' or 1=1 -- (a SQL injection payload); the password field of that request can hold any value.
2. Run Test
Now, if you run the test, you will see that the 3rd request fails. The test expects that login attempt to be rejected, but the endpoint successfully logged in when we provided a SQL injection payload in the email field together with an arbitrary password: the payload closes the string literal, appends an always-true condition (or 1=1), and comments out the rest of the query, so the password is never checked.
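The following is an added, offline model of what the test above checks; it is not Metlo's or Juice Shop's code. The login endpoint is modelled as a Python function over an in-memory SQLite table (constructed sample data), the vulnerable variant builds its SQL by string concatenation (the class of bug that lets ' or 1=1 -- log in), the hardened variant uses a parameterised query, and the password-hashing step is a placeholder. The table contents, the account names and the hash algorithm are assumptions made for the example; run_broken_auth_test replays the 2nd and 3rd requests from the walkthrough and reports pass/fail the way the Metlo test does.

```python
"""Added example, not Metlo's or Juice Shop's code: an offline model of the
Broken Authentication test. Assumptions: a SQLite-backed login function, a
concatenated-SQL vulnerable variant, a parameterised hardened variant, and a
stand-in hash function. Sample users are constructed for the example."""
import hashlib
import sqlite3

# The value the walkthrough puts in the email field of the 3rd request.
INJECTION_PAYLOAD = "' or 1=1 --"


def _hash(password: str) -> str:
    # Stand-in for the application's password hashing (assumption).
    return hashlib.sha256(password.encode()).hexdigest()


def make_db() -> sqlite3.Connection:
    # Constructed sample data, not a real Juice Shop database.
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT, password TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (email, password) VALUES (?, ?)",
        [
            ("admin@example.org", _hash("admin-secret")),
            ("firstname.lastname@example.org", _hash("password")),
        ],
    )
    return conn


def vulnerable_login(conn: sqlite3.Connection, email: str, password: str):
    # Bug under test: user input is concatenated into the SQL text. With
    # email = "' or 1=1 --" the WHERE clause becomes
    #     email = '' or 1=1 --' AND password = '...'
    # Everything after "--" is a comment, the condition is always true, and
    # the first user row (here the constructed admin account) is returned.
    sql = (
        f"SELECT id, email FROM users WHERE email = '{email}' "
        f"AND password = '{_hash(password)}'"
    )
    return conn.execute(sql).fetchone()


def safe_login(conn: sqlite3.Connection, email: str, password: str):
    # Fix: bound parameters. The payload is compared as a literal string and
    # matches no row, so the arbitrary password is never accepted.
    sql = "SELECT id, email FROM users WHERE email = ? AND password = ?"
    return conn.execute(sql, (email, _hash(password))).fetchone()


def run_broken_auth_test(login) -> dict:
    """Replay the two requests the walkthrough edits against a login function:
    (2) valid credentials must log in, (3) the injection payload with an
    arbitrary password must be rejected. Mirrors the test's pass/fail logic."""
    conn = make_db()
    valid = login(conn, "firstname.lastname@example.org", "password")
    injected = login(conn, INJECTION_PAYLOAD, "arbitrary")
    return {
        "request_2_valid_login": valid is not None,
        "request_3_injection_rejected": injected is None,
        "passed": valid is not None and injected is None,
    }


if __name__ == "__main__":
    for name, fn in (("vulnerable", vulnerable_login), ("hardened", safe_login)):
        print(name, run_broken_auth_test(fn))
```

Against the vulnerable login the 3rd request is reported as not rejected and the test fails, which is the outcome described above; against the parameterised login both expectations hold and the test passes.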
With Metlo’s Testing feature, you can also create Rules that tell Metlo to always test some subset of endpoints with a specific test. Let’s create a Rule that creates Broken Authentication tests for the Card endpoints.
First, go to the Rules tab of the Testing page. Next, click on the New button and fill in the following information:
Name -> Card Endpoints Broken Authentication Test
Templates -> JUICE_SHOP_BROKEN_AUTHENTICATION
Endpoint Filter -> /api/Card
Auto Enable -> Toggled On
Now, click on the Save button. You should now have a new entry in the Rules tab and new auto-generated tests in the Tests tab for the endpoints that match the filter you specified. These tests are generated from the JUICE_SHOP_BROKEN_AUTHENTICATION template and are automatically enabled to run every 10 minutes. Metlo will also automatically create this test for any newly detected endpoints that match the rule criteria. After the tests have run, you can see that they pass, since the Juice Shop app only allows authenticated users to call these endpoints.