forked from juice-shop/juice-shop
-
Notifications
You must be signed in to change notification settings - Fork 0
/
ru_RU.json
319 lines (319 loc) · 57.6 KB
/
ru_RU.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
{
"0": 0,
"1": 1,
"2": "2",
"3": "3",
"4": 4,
"5": 5,
"6": 6,
"7": 7,
"8": 8,
"9": 9,
"10": 10,
"11": 11,
"12": 12,
"13": 13,
"14": 14,
"15": 15,
"16": 16,
"17": 17,
"18": 18,
"19": 19,
"20": 20,
"21": 21,
"Find the carefully hidden 'Score Board' page.": "Find the carefully hidden 'Score Board' page.",
"Try to find a reference or clue behind the scenes. Or simply guess what URL the Score Board might have.": "Try to find a reference or clue behind the scenes. Or simply guess what URL the Score Board might have.",
"Perform a <i>persisted</i> XSS attack with <code><iframe src=\"javascript:alert(`xss`)\"></code> without using the frontend application at all.": "Perform a <i>persisted</i> XSS attack with <code><iframe src=\"javascript:alert(`xss`)\"></code> without using the frontend application at all.",
"You need to work with the server-side API directly. Try different HTTP verbs on different entities exposed through the API.": "You need to work with the server-side API directly. Try different HTTP verbs on different entities exposed through the API.",
"Gain access to any access log file of the server.": "Gain access to any access log file of the server.",
"Who would want a server access log to be accessible through a web application?": "Who would want a server access log to be accessible through a web application?",
"Register as a user with administrator privileges.": "Register as a user with administrator privileges.",
"You have to assign the unassignable.": "You have to assign the unassignable.",
"Access the administration section of the store.": "Access the administration section of the store.",
"It is just slightly harder to find than the score board link.": "It is just slightly harder to find than the score board link.",
"Overwrite the <a href=\"/ftp/legal.md\">Legal Information</a> file.": "Overwrite the <a href=\"/ftp/legal.md\">Legal Information</a> file.",
"Look out for a tweet praising new functionality of the web shop. Then find a third party vulnerability associated with it.": "Look out for a tweet praising new functionality of the web shop. Then find a third party vulnerability associated with it.",
"Reset the password of Bjoern's OWASP account via the <a href=\"/#/forgot-password\">Forgot Password</a> mechanism with <i>the original answer</i> to his security question.": "Reset the password of Bjoern's OWASP account via the <a href=\"/#/forgot-password\">Forgot Password</a> mechanism with <i>the original answer</i> to his security question.",
"He might have spoilered it on at least one occasion where a camera was running. Maybe elsewhere as well.": "He might have spoilered it on at least one occasion where a camera was running. Maybe elsewhere as well.",
"Learn about the Token Sale before its official announcement.": "Learn about the Token Sale before its official announcement.",
"The developers truly believe in \"Security through Obscurity\" over actual access restrictions.": "The developers truly believe in \"Security through Obscurity\" over actual access restrictions.",
"Perform a Remote Code Execution that would keep a less hardened application busy <em>forever</em>.": "Perform a Remote Code Execution that would keep a less hardened application busy <em>forever</em>.",
"The feature you need to exploit for this challenge is not directly advertised anywhere.": "The feature you need to exploit for this challenge is not directly advertised anywhere.",
"Submit 10 or more customer feedbacks within 10 seconds.": "Submit 10 or more customer feedbacks within 10 seconds.",
"After finding a CAPTCHA bypass, write a script that automates feedback submission. Or open many browser tabs and be really quick.": "After finding a CAPTCHA bypass, write a script that automates feedback submission. Or open many browser tabs and be really quick.",
"Change Bender's password into <i>slurmCl4ssic</i> without using SQL Injection or Forgot Password.": "Change Bender's password into <i>slurmCl4ssic</i> without using SQL Injection or Forgot Password.",
"In previous releases this challenge was wrongly accused of being based on CSRF.": "In previous releases this challenge was wrongly accused of being based on CSRF.",
"Order the Christmas special offer of 2014.": "Order the Christmas special offer of 2014.",
"Find out how the application handles unavailable products and try to find a loophole.": "Find out how the application handles unavailable products and try to find a loophole.",
"Perform an XSS attack with <code><script>alert(`xss`)</script></code> on a legacy page within the application.": "Perform an XSS attack with <code><script>alert(`xss`)</script></code> on a legacy page within the application.",
"What is even \"better\" than homegrown validation based on a RegEx? Homegrown sanitization based on a RegEx!": "What is even \"better\" than homegrown validation based on a RegEx? Homegrown sanitization based on a RegEx!",
"Perform a <i>persisted</i> XSS attack with <code><iframe src=\"javascript:alert(`xss`)\"></code> bypassing a <i>client-side</i> security mechanism.": "Perform a <i>persisted</i> XSS attack with <code><iframe src=\"javascript:alert(`xss`)\"></code> bypassing a <i>client-side</i> security mechanism.",
"Only some input fields validate their input. Even less of these are persisted in a way where their content is shown on another screen.": "Only some input fields validate their input. Even less of these are persisted in a way where their content is shown on another screen.",
"Access a confidential document.": "Access a confidential document.",
"Analyze and tamper with links in the application that deliver a file directly.": "Analyze and tamper with links in the application that deliver a file directly.",
"Perform a <i>DOM</i> XSS attack with <code><iframe src=\"javascript:alert(`xss`)\"></code>.": "Perform a <i>DOM</i> XSS attack with <code><iframe src=\"javascript:alert(`xss`)\"></code>.",
"Look for an input field where its content appears in the HTML when its form is submitted.": "Look for an input field where its content appears in the HTML when its form is submitted.",
"Exfiltrate the entire DB schema definition via SQL Injection.": "Exfiltrate the entire DB schema definition via SQL Injection.",
"Find out where this information could come from. Then craft a UNION SELECT attack string against an endpoint that offers an unnecessary way to filter data.": "Find out where this information could come from. Then craft a UNION SELECT attack string against an endpoint that offers an unnecessary way to filter data.",
"Use a deprecated B2B interface that was not properly shut down.": "Use a deprecated B2B interface that was not properly shut down.",
"The developers who disabled the interface think they could go invisible by just closing their eyes.": "The developers who disabled the interface think they could go invisible by just closing their eyes.",
"Find the hidden <a href=\"http://en.wikipedia.org/wiki/Easter_egg_(media)\" target=\"_blank\">easter egg</a>.": "Find the hidden <a href=\"http://en.wikipedia.org/wiki/Easter_egg_(media)\" target=\"_blank\">easter egg</a>.",
"If you solved one of the three file access challenges, you already know where to find the easter egg.": "If you solved one of the three file access challenges, you already know where to find the easter egg.",
"Perform an unwanted information disclosure by accessing data cross-domain.": "Perform an unwanted information disclosure by accessing data cross-domain.",
"Try to find and attack an endpoint that responds with user information. SQL Injection is not the solution here.": "Try to find and attack an endpoint that responds with user information. SQL Injection is not the solution here.",
"Log in with the (non-existing) accountant <i>[email protected]</i> without ever registering that user.": "Log in with the (non-existing) accountant <i>[email protected]</i> without ever registering that user.",
"Try to create the needed user \"out of thin air\".": "Try to create the needed user \"out of thin air\".",
"Provoke an error that is neither very gracefully nor consistently handled.": "Provoke an error that is neither very gracefully nor consistently handled.",
"Try to submit bad input to forms. Alternatively tamper with URL paths or parameters.": "Try to submit bad input to forms. Alternatively tamper with URL paths or parameters.",
"Successfully redeem an expired campaign coupon code.": "Successfully redeem an expired campaign coupon code.",
"Try to identify past special event or holiday campaigns of the shop first.": "Try to identify past special event or holiday campaigns of the shop first.",
"Retrieve the language file that never made it into production.": "Retrieve the language file that never made it into production.",
"Brute force is not the only option for this challenge, but a perfectly viable one.": "Brute force is not the only option for this challenge, but a perfectly viable one.",
"Get rid of all 5-star customer feedback.": "Get rid of all 5-star customer feedback.",
"Once you found admin section of the application, this challenge is almost trivial.": "Once you found admin section of the application, this challenge is almost trivial.",
"Forge a coupon code that gives you a discount of at least 80%.": "Forge a coupon code that gives you a discount of at least 80%.",
"Try either a) a knowledgable brute force attack or b) reverse engineering or c) some research in the cloud.": "Try either a) a knowledgable brute force attack or b) reverse engineering or c) some research in the cloud.",
"Post some feedback in another users name.": "Post some feedback in another users name.",
"You can solve this by tampering with the user interface or by intercepting the communication with the RESTful backend.": "You can solve this by tampering with the user interface or by intercepting the communication with the RESTful backend.",
"Post a product review as another user or edit any user's existing review.": "Post a product review as another user or edit any user's existing review.",
"Observe the flow of product review posting and editing and see if you can exploit it.": "Observe the flow of product review posting and editing and see if you can exploit it.",
"Forge an almost properly RSA-signed JWT token that impersonates the (non-existing) user <i>[email protected]</i>.": "Forge an almost properly RSA-signed JWT token that impersonates the (non-existing) user <i>[email protected]</i>.",
"This challenge is explicitly not about acquiring the RSA private key used for JWT signing.": "This challenge is explicitly not about acquiring the RSA private key used for JWT signing.",
"Access a developer's forgotten backup file.": "Access a developer's forgotten backup file.",
"You need to trick a security mechanism into thinking that the file you want has a valid file type.": "You need to trick a security mechanism into thinking that the file you want has a valid file type.",
"Access a salesman's forgotten backup file.": "Access a salesman's forgotten backup file.",
"<a href=\"/#/contact\">Inform the shop</a> about a <i>typosquatting</i> imposter that dug itself deep into the frontend. (Mention the exact name of the culprit)": "<a href=\"/#/contact\">Inform the shop</a> about a <i>typosquatting</i> imposter that dug itself deep into the frontend. (Mention the exact name of the culprit)",
"This challenge has nothing to do with mistyping web domains. There is no conveniently misplaced file helping you with this one either. Or is there?": "This challenge has nothing to do with mistyping web domains. There is no conveniently misplaced file helping you with this one either. Or is there?",
"Log in with Chris' erased user account.": "Log in with Chris' erased user account.",
"Turns out that something is technically and legally wrong with the implementation of the \"right to be forgotten\" for users.": "Turns out that something is technically and legally wrong with the implementation of the \"right to be forgotten\" for users.",
"Steal someone else's personal data without using Injection.": "Steal someone else's personal data without using Injection.",
"Trick the regular Data Export to give you more than actually belongs to you.": "Trick the regular Data Export to give you more than actually belongs to you.",
"Perform a <i>persisted</i> XSS attack with <code><iframe src=\"javascript:alert(`xss`)\"></code> through an HTTP header.": "Perform a <i>persisted</i> XSS attack with <code><iframe src=\"javascript:alert(`xss`)\"></code> through an HTTP header.",
"Finding a piece of displayed information that could originate from an HTTP header is the part of this challenge.": "Finding a piece of displayed information that could originate from an HTTP header is the part of this challenge.",
"Solve challenge #999. Unfortunately, this challenge does not exist.": "Solve challenge #999. Unfortunately, this challenge does not exist.",
"You need to trick the hacking progress persistence feature into thinking you solved challenge #999.": "You need to trick the hacking progress persistence feature into thinking you solved challenge #999.",
"Dumpster dive the Internet for a leaked password and log in to the original user account it belongs to. (Creating a new account with the same password does not qualify as a solution.)": "Dumpster dive the Internet for a leaked password and log in to the original user account it belongs to. (Creating a new account with the same password does not qualify as a solution.)",
"Once you have it, a technique called \"Password Spraying\" might prove useful.": "Once you have it, a technique called \"Password Spraying\" might prove useful.",
"Identify an unsafe product that was removed from the shop and <a href=\"/#/contact\">inform the shop</a> which ingredients are dangerous.": "Identify an unsafe product that was removed from the shop and <a href=\"/#/contact\">inform the shop</a> which ingredients are dangerous.",
"Your own SQLi and someone else's Ctrl-V will be your accomplices in this challenge!": "Your own SQLi and someone else's Ctrl-V will be your accomplices in this challenge!",
"<a href=\"/#/contact\">Inform the shop</a> about a <i>typosquatting</i> trick it has been a victim of at least in <code>v6.2.0-SNAPSHOT</code>. (Mention the exact name of the culprit)": "<a href=\"/#/contact\">Inform the shop</a> about a <i>typosquatting</i> trick it has been a victim of at least in <code>v6.2.0-SNAPSHOT</code>. (Mention the exact name of the culprit)",
"This challenge has nothing to do with mistyping web domains. Investigate the forgotten developer's backup file instead.": "This challenge has nothing to do with mistyping web domains. Investigate the forgotten developer's backup file instead.",
"Log in with the administrator's user account.": "Log in with the administrator's user account.",
"Try different SQL Injection attack patterns depending whether you know the admin's email address or not.": "Try different SQL Injection attack patterns depending whether you know the admin's email address or not.",
"Log in with Amy's original user credentials. (This could take 93.83 billion trillion trillion centuries to brute force, but luckily she did not read the \"One Important Final Note\")": "Log in with Amy's original user credentials. (This could take 93.83 billion trillion trillion centuries to brute force, but luckily she did not read the \"One Important Final Note\")",
"This challenge will make you go after a needle in a haystack.": "This challenge will make you go after a needle in a haystack.",
"Log in with Bender's user account.": "Log in with Bender's user account.",
"If you know Bender's email address, try SQL Injection. Bender's password hash might not help you very much.": "If you know Bender's email address, try SQL Injection. Bender's password hash might not help you very much.",
"Log in with Bjoern's Gmail account <i>without</i> previously changing his password, applying SQL Injection, or hacking his Google account.": "Log in with Bjoern's Gmail account <i>without</i> previously changing his password, applying SQL Injection, or hacking his Google account.",
"The security flaw behind this challenge is 100% Juice Shop's fault and 0% Google's.": "The security flaw behind this challenge is 100% Juice Shop's fault and 0% Google's.",
"Exploit OAuth 2.0 to log in with the Chief Information Security Officer's user account.": "Exploit OAuth 2.0 to log in with the Chief Information Security Officer's user account.",
"Don't try to beat Google's OAuth 2.0 service. Rather investigate implementation flaws on Juice Shop's end.": "Don't try to beat Google's OAuth 2.0 service. Rather investigate implementation flaws on Juice Shop's end.",
"Log in with Jim's user account.": "Log in with Jim's user account.",
"Try cracking Jim's password hash if you harvested it already. Alternatively, if you know Jim's email address, try SQL Injection.": "Try cracking Jim's password hash if you harvested it already. Alternatively, if you know Jim's email address, try SQL Injection.",
"Log in with MC SafeSearch's original user credentials without applying SQL Injection or any other bypass.": "Log in with MC SafeSearch's original user credentials without applying SQL Injection or any other bypass.",
"You should listen to MC's hit song \"Protect Ya Passwordz\".": "You should listen to MC's hit song \"Protect Ya Passwordz\".",
"Log in with the support team's original user credentials without applying SQL Injection or any other bypass.": "Log in with the support team's original user credentials without applying SQL Injection or any other bypass.",
"The underlying flaw of this challenge is a lot more human error than technical weakness.": "The underlying flaw of this challenge is a lot more human error than technical weakness.",
"Put an additional product into another user's shopping basket.": "Put an additional product into another user's shopping basket.",
"Have an eye on the HTTP traffic while placing products in the shopping basket. Changing the quantity of products already in the basket doesn't count.": "Have an eye on the HTTP traffic while placing products in the shopping basket. Changing the quantity of products already in the basket doesn't count.",
"Access a misplaced <a href=\"https://github.com/Neo23x0/sigma\">SIEM signature</a> file.": "Access a misplaced <a href=\"https://github.com/Neo23x0/sigma\">SIEM signature</a> file.",
"Like any review at least three times as the same user.": "Like any review at least three times as the same user.",
"Punctuality is the politeness of kings.": "Punctuality is the politeness of kings.",
"Apply some advanced cryptanalysis to find <i>the real</i> easter egg.": "Apply some advanced cryptanalysis to find <i>the real</i> easter egg.",
"You might have to peel through several layers of tough-as-nails encryption for this challenge.": "You might have to peel through several layers of tough-as-nails encryption for this challenge.",
"Let the server sleep for some time. (It has done more than enough hard work for you)": "Let the server sleep for some time. (It has done more than enough hard work for you)",
"This challenge is essentially a stripped-down Denial of Service (DoS) attack.": "This challenge is essentially a stripped-down Denial of Service (DoS) attack.",
"All your orders are belong to us! Even the ones which don't.": "All your orders are belong to us! Even the ones which don't.",
"Take a close look on how the $where query operator works in MongoDB.": "Take a close look on how the $where query operator works in MongoDB.",
"Update multiple product reviews at the same time.": "Update multiple product reviews at the same time.",
"Take a close look on how the equivalent of UPDATE-statements in MongoDB work.": "Take a close look on how the equivalent of UPDATE-statements in MongoDB work.",
"Let us redirect you to one of our crypto currency addresses which are not promoted any longer.": "Let us redirect you to one of our crypto currency addresses which are not promoted any longer.",
"We might have failed to take this out of our code properly.": "We might have failed to take this out of our code properly.",
"Log in with the administrator's user credentials without previously changing them or applying SQL Injection.": "Log in with the administrator's user credentials without previously changing them or applying SQL Injection.",
"This one should be equally easy to a) brute force, b) crack the password hash or c) simply guess.": "This one should be equally easy to a) brute force, b) crack the password hash or c) simply guess.",
"Place an order that makes you rich.": "Place an order that makes you rich.",
"You literally need to make the shop owe you any amount of money.": "You literally need to make the shop owe you any amount of money.",
"<i class=\"far fa-gem\"></i><i class=\"far fa-gem\"></i><i class=\"far fa-gem\"></i><i class=\"far fa-gem\"></i><i class=\"far fa-gem\"></i><!--IvLuRfBJYlmStf9XfL6ckJFngyd9LfV1JaaN/KRTPQPidTuJ7FR+D/nkWJUF+0xUF07CeCeqYfxq+OJVVa0gNbqgYkUNvn//UbE7e95C+6e+7GtdpqJ8mqm4WcPvUGIUxmGLTTAC2+G9UuFCD1DUjg==--> <a href=\"https://blockchain.info/address/1AbKfgvw9psQ41NbLi8kufDQTezwG8DRZm\" target=\"_blank\"><i class=\"fab fa-btc fa-sm\"></i> Unlock Premium Challenge</a> to access exclusive content.": "<i class=\"far fa-gem\"></i><i class=\"far fa-gem\"></i><i class=\"far fa-gem\"></i><i class=\"far fa-gem\"></i><i class=\"far fa-gem\"></i><!--IvLuRfBJYlmStf9XfL6ckJFngyd9LfV1JaaN/KRTPQPidTuJ7FR+D/nkWJUF+0xUF07CeCeqYfxq+OJVVa0gNbqgYkUNvn//UbE7e95C+6e+7GtdpqJ8mqm4WcPvUGIUxmGLTTAC2+G9UuFCD1DUjg==--> <a href=\"https://blockchain.info/address/1AbKfgvw9psQ41NbLi8kufDQTezwG8DRZm\" target=\"_blank\"><i class=\"fab fa-btc fa-sm\"></i> Unlock Premium Challenge</a> to access exclusive content.",
"You do not have to pay anything to unlock this challenge! Nonetheless, donations are very much appreciated.": "You do not have to pay anything to unlock this challenge! Nonetheless, donations are very much appreciated.",
"Read our privacy policy.": "Read our privacy policy.",
"We won't even ask you to confirm that you did. Just read it. Please. Pretty please.": "We won't even ask you to confirm that you did. Just read it. Please. Pretty please.",
"Prove that you actually read our privacy policy.": "Prove that you actually read our privacy policy.",
"Only by visiting a special URL you can confirm that you read it carefully.": "Only by visiting a special URL you can confirm that you read it carefully.",
"Change the <code>href</code> of the link within the <a href=\"/#/search?q=OWASP SSL Advanced Forensic Tool (O-Saft)\">OWASP SSL Advanced Forensic Tool (O-Saft)</a> product description into <i>https://owasp.slack.com</i>.": "Change the <code>href</code> of the link within the <a href=\"/#/search?q=OWASP SSL Advanced Forensic Tool (O-Saft)\">OWASP SSL Advanced Forensic Tool (O-Saft)</a> product description into <i>https://owasp.slack.com</i>.",
"Look for one of the following: a) broken admin functionality, b) holes in RESTful API or c) possibility for SQL Injection.": "Look for one of the following: a) broken admin functionality, b) holes in RESTful API or c) possibility for SQL Injection.",
"Perform a <i>reflected</i> XSS attack with <code><iframe src=\"javascript:alert(`xss`)\"></code>.": "Perform a <i>reflected</i> XSS attack with <code><iframe src=\"javascript:alert(`xss`)\"></code>.",
"Look for an input field where its content appears in the response HTML when its form is submitted.": "Look for an input field where its content appears in the response HTML when its form is submitted.",
"Follow the DRY principle while registering a user.": "Follow the DRY principle while registering a user.",
"You can solve this by cleverly interacting with the UI or bypassing it altogether.": "You can solve this by cleverly interacting with the UI or bypassing it altogether.",
"Reset Bender's password via the <a href=\"/#/forgot-password\">Forgot Password</a> mechanism with <i>the original answer</i> to his security question.": "Reset Bender's password via the <a href=\"/#/forgot-password\">Forgot Password</a> mechanism with <i>the original answer</i> to his security question.",
"Not as trivial as Jim's but still not too difficult with some \"Futurama\" background knowledge.": "Not as trivial as Jim's but still not too difficult with some \"Futurama\" background knowledge.",
"Reset the password of Bjoern's internal account via the <a href=\"/#/forgot-password\">Forgot Password</a> mechanism with <i>the original answer</i> to his security question.": "Reset the password of Bjoern's internal account via the <a href=\"/#/forgot-password\">Forgot Password</a> mechanism with <i>the original answer</i> to his security question.",
"Nothing a little bit of Facebook stalking couldn't reveal. Might involve a historical twist.": "Nothing a little bit of Facebook stalking couldn't reveal. Might involve a historical twist.",
"Reset Jim's password via the <a href=\"/#/forgot-password\">Forgot Password</a> mechanism with <i>the original answer</i> to his security question.": "Reset Jim's password via the <a href=\"/#/forgot-password\">Forgot Password</a> mechanism with <i>the original answer</i> to his security question.",
"It's hard for celebrities to pick a security question from a hard-coded list where the answer is not publicly exposed.": "It's hard for celebrities to pick a security question from a hard-coded list where the answer is not publicly exposed.",
"Reset Morty's password via the <a href=\"/#/forgot-password\">Forgot Password</a> mechanism with <i>his obfuscated answer</i> to his security question.": "Reset Morty's password via the <a href=\"/#/forgot-password\">Forgot Password</a> mechanism with <i>his obfuscated answer</i> to his security question.",
"Find a way to bypass the rate limiting and brute force the obfuscated answer to Morty's security question.": "Find a way to bypass the rate limiting and brute force the obfuscated answer to Morty's security question.",
"Deprive the shop of earnings by downloading the blueprint for one of its products.": "Deprive the shop of earnings by downloading the blueprint for one of its products.",
"The product you might want to give a closer look is the OWASP Juice Shop Logo (3D-printed).": "The product you might want to give a closer look is the OWASP Juice Shop Logo (3D-printed).",
"Request a hidden resource on server through server.": "Request a hidden resource on server through server.",
"Reverse engineering something bad can make good things happen.": "Reverse engineering something bad can make good things happen.",
"Infect the server with juicy malware by abusing arbitrary command execution.": "Infect the server with juicy malware by abusing arbitrary command execution.",
"\"SSTi\" is a clear indicator that this has nothing to do with anything Angular. Also, make sure to use only our non-malicious malware.": "\"SSTi\" is a clear indicator that this has nothing to do with anything Angular. Also, make sure to use only our non-malicious malware.",
"Behave like any \"white-hat\" should before getting into the action.": "Behave like any \"white-hat\" should before getting into the action.",
"Undoubtably you want to read our security policy before conducting any research on our application.": "Undoubtably you want to read our security policy before conducting any research on our application.",
"Perform a <i>persisted</i> XSS attack with <code><iframe src=\"javascript:alert(`xss`)\"></code> bypassing a <i>server-side</i> security mechanism.": "Perform a <i>persisted</i> XSS attack with <code><iframe src=\"javascript:alert(`xss`)\"></code> bypassing a <i>server-side</i> security mechanism.",
"The \"Comment\" field in the \"Contact Us\" screen is where you want to put your focus on.": "The \"Comment\" field in the \"Contact Us\" screen is where you want to put your focus on.",
"<a href=\"/#/contact\">Rat out</a> a notorious character hiding in plain sight in the shop. (Mention the exact name of the character)": "<a href=\"/#/contact\">Rat out</a> a notorious character hiding in plain sight in the shop. (Mention the exact name of the character)",
"No matter how good your eyes are, you will need tool assistance for this challenge.": "No matter how good your eyes are, you will need tool assistance for this challenge.",
"Perform a Remote Code Execution that occupies the server for a while without using infinite loops.": "Perform a Remote Code Execution that occupies the server for a while without using infinite loops.",
"Your attack payload must not trigger the protection against too many iterations.": "Your attack payload must not trigger the protection against too many iterations.",
"<a href=\"/#/contact\">Inform the development team</a> about a danger to some of <em>their</em> credentials. (Send them the URL of the <em>original report</em> or the CVE of this vulnerability)": "<a href=\"/#/contact\">Inform the development team</a> about a danger to some of <em>their</em> credentials. (Send them the URL of the <em>original report</em> or the CVE of this vulnerability)",
"This vulnerability will not affect any customer of the shop. It is aimed exclusively at its developers.": "This vulnerability will not affect any customer of the shop. It is aimed exclusively at its developers.",
"Solve the 2FA challenge for user \"wurstbrot\". (Disabling, bypassing or overwriting his 2FA settings does not count as a solution)": "Solve the 2FA challenge for user \"wurstbrot\". (Disabling, bypassing or overwriting his 2FA settings does not count as a solution)",
"The 2FA implementation requires to store a secret for every user. You will need to find a way to access this secret in order to solve this challenge.": "The 2FA implementation requires to store a secret for every user. You will need to find a way to access this secret in order to solve this challenge.",
"Forge an essentially unsigned JWT token that impersonates the (non-existing) user <i>[email protected]</i>.": "Forge an essentially unsigned JWT token that impersonates the (non-existing) user <i>[email protected]</i>.",
"This challenge exploits a weird option that is supported when signing tokens with JWT.": "This challenge exploits a weird option that is supported when signing tokens with JWT.",
"Upload a file larger than 100 kB.": "Upload a file larger than 100 kB.",
"You can attach a small file to the \"File Complaint\" form. Investigate how this upload actually works.": "You can attach a small file to the \"File Complaint\" form. Investigate how this upload actually works.",
"Upload a file that has no .pdf or .zip extension.": "Upload a file that has no .pdf or .zip extension.",
"You can attach a PDF or ZIP file to the \"File Complaint\" form. Investigate how this upload actually works.": "You can attach a PDF or ZIP file to the \"File Complaint\" form. Investigate how this upload actually works.",
"Retrieve a list of all user credentials via SQL Injection.": "Retrieve a list of all user credentials via SQL Injection.",
"Gather information on where user data is stored and how it is addressed. Then craft a corresponding UNION SELECT attack.": "Gather information on where user data is stored and how it is addressed. Then craft a corresponding UNION SELECT attack.",
"Embed an XSS payload <code></script><script>alert(`xss`)</script></code> into our promo video.": "Embed an XSS payload <code></script><script>alert(`xss`)</script></code> into our promo video.",
"You have to reuse the vulnerability behind one other 6-star challenge to be able to solve this one.": "You have to reuse the vulnerability behind one other 6-star challenge to be able to solve this one.",
"View another user's shopping basket.": "View another user's shopping basket.",
"Have an eye on the HTTP traffic while shopping. Alternatively try to find a client-side association of users to their basket.": "Have an eye on the HTTP traffic while shopping. Alternatively try to find a client-side association of users to their basket.",
"<a href=\"/#/contact\">Inform the shop</a> about a vulnerable library it is using. (Mention the exact library name and version in your comment)": "<a href=\"/#/contact\">Inform the shop</a> about a vulnerable library it is using. (Mention the exact library name and version in your comment)",
"Report one of two possible answers via the \"Contact Us\" form. Do not forget to submit the library's version as well.": "Report one of two possible answers via the \"Contact Us\" form. Do not forget to submit the library's version as well.",
"<a href=\"/#/contact\">Inform the shop</a> about an algorithm or library it should definitely not use the way it does.": "<a href=\"/#/contact\">Inform the shop</a> about an algorithm or library it should definitely not use the way it does.",
"Report one of four possible answers via the \"Contact Us\" form.": "Report one of four possible answers via the \"Contact Us\" form.",
"Enforce a redirect to a page you are not supposed to redirect to.": "Enforce a redirect to a page you are not supposed to redirect to.",
"You have to find a way to beat the whitelist of allowed redirect URLs.": "You have to find a way to beat the whitelist of allowed redirect URLs.",
"Retrieve the content of <code>C:\\Windows\\system.ini</code> or <code>/etc/passwd</code> from the server.": "Retrieve the content of <code>C:\\Windows\\system.ini</code> or <code>/etc/passwd</code> from the server.",
"The leverage point for this challenge is the deprecated B2B interface.": "The leverage point for this challenge is the deprecated B2B interface.",
"Give the server something to chew on for quite a while.": "Give the server something to chew on for quite a while.",
"It is not as easy as sending a large amount of data directly to the deprecated B2B interface.": "It is not as easy as sending a large amount of data directly to the deprecated B2B interface.",
"Give a devastating zero-star feedback to the store.": "Give a devastating zero-star feedback to the store.",
"Before you invest time bypassing the API, you might want to play around with the UI a bit.": "Before you invest time bypassing the API, you might want to play around with the UI a bit.",
"Your eldest siblings middle name?": "Your eldest siblings middle name?",
"Mother's maiden name?": "Mother's maiden name?",
"Mother's birth date? (MM/DD/YY)": "Mother's birth date? (MM/DD/YY)",
"Father's birth date? (MM/DD/YY)": "Father's birth date? (MM/DD/YY)",
"Maternal grandmother's first name?": "Maternal grandmother's first name?",
"Paternal grandmother's first name?": "Paternal grandmother's first name?",
"Name of your favorite pet?": "Name of your favorite pet?",
"Last name of dentist when you were a teenager? (Do not include 'Dr.')": "Last name of dentist when you were a teenager? (Do not include 'Dr.')",
"Your ZIP/postal code when you were a teenager?": "Your ZIP/postal code when you were a teenager?",
"Company you first work for as an adult?": "Company you first work for as an adult?",
"Apple Juice (1000ml)": "Apple Juice (1000ml)",
"The all-time classic.": "The all-time classic.",
"Orange Juice (1000ml)": "Orange Juice (1000ml)",
"Made from oranges hand-picked by Uncle Dittmeyer.": "Made from oranges hand-picked by Uncle Dittmeyer.",
"Eggfruit Juice (500ml)": "Eggfruit Juice (500ml)",
"Now with even more exotic flavour.": "Now with even more exotic flavour.",
"Raspberry Juice (1000ml)": "Raspberry Juice (1000ml)",
"Made from blended Raspberry Pi, water and sugar.": "Made from blended Raspberry Pi, water and sugar.",
"Lemon Juice (500ml)": "Lemon Juice (500ml)",
"Sour but full of vitamins.": "Sour but full of vitamins.",
"Banana Juice (1000ml)": "Banana Juice (1000ml)",
"Monkeys love it the most.": "Monkeys love it the most.",
"OWASP Juice Shop T-Shirt": "OWASP Juice Shop T-Shirt",
"Real fans wear it 24/7!": "Real fans wear it 24/7!",
"OWASP Juice Shop CTF Girlie-Shirt": "OWASP Juice Shop CTF Girlie-Shirt",
"For serious Capture-the-Flag heroines only!": "For serious Capture-the-Flag heroines only!",
"OWASP SSL Advanced Forensic Tool (O-Saft)": "OWASP SSL Advanced Forensic Tool (O-Saft)",
"O-Saft is an easy to use tool to show information about SSL certificate and tests the SSL connection according given list of ciphers and various SSL configurations. <a href=\"https://www.owasp.org/index.php/O-Saft\" target=\"_blank\">More...</a>": "O-Saft is an easy to use tool to show information about SSL certificate and tests the SSL connection according given list of ciphers and various SSL configurations. <a href=\"https://www.owasp.org/index.php/O-Saft\" target=\"_blank\">More...</a>",
"Christmas Super-Surprise-Box (2014 Edition)": "Christmas Super-Surprise-Box (2014 Edition)",
"Contains a random selection of 10 bottles (each 500ml) of our tastiest juices and an extra fan shirt for an unbeatable price! (Seasonal special offer! Limited availability!)": "Contains a random selection of 10 bottles (each 500ml) of our tastiest juices and an extra fan shirt for an unbeatable price! (Seasonal special offer! Limited availability!)",
"Rippertuer Special Juice": "Rippertuer Special Juice",
"Contains a magical collection of the rarest fruits gathered from all around the world, like Cherymoya Annona cherimola, Jabuticaba Myrciaria cauliflora, Bael Aegle marmelos... and others, at an unbelievable price! <br/><span style=\"color:red;\">This item has been made unavailable because of lack of safety standards.</span> (This product is unsafe! We plan to remove it from the stock!)": "Contains a magical collection of the rarest fruits gathered from all around the world, like Cherymoya Annona cherimola, Jabuticaba Myrciaria cauliflora, Bael Aegle marmelos... and others, at an unbelievable price! <br/><span style=\"color:red;\">This item has been made unavailable because of lack of safety standards.</span> (This product is unsafe! We plan to remove it from the stock!)",
"OWASP Juice Shop Sticker (2015/2016 design)": "OWASP Juice Shop Sticker (2015/2016 design)",
"Die-cut sticker with the official 2015/2016 logo. By now this is a rare collectors item. <em>Out of stock!</em>": "Die-cut sticker with the official 2015/2016 logo. By now this is a rare collectors item. <em>Out of stock!</em>",
"OWASP Juice Shop Iron-Ons (16pcs)": "OWASP Juice Shop Iron-Ons (16pcs)",
"Upgrade your clothes with washer safe <a href=\"https://www.stickeryou.com/products/owasp-juice-shop/794\" target=\"_blank\">iron-ons</a> of the OWASP Juice Shop or CTF Extension logo!": "Upgrade your clothes with washer safe <a href=\"https://www.stickeryou.com/products/owasp-juice-shop/794\" target=\"_blank\">iron-ons</a> of the OWASP Juice Shop or CTF Extension logo!",
"OWASP Juice Shop Magnets (16pcs)": "OWASP Juice Shop Magnets (16pcs)",
"Your fridge will be even cooler with these OWASP Juice Shop or CTF Extension logo <a href=\"https://www.stickeryou.com/products/owasp-juice-shop/794\" target=\"_blank\">magnets</a>!": "Your fridge will be even cooler with these OWASP Juice Shop or CTF Extension logo <a href=\"https://www.stickeryou.com/products/owasp-juice-shop/794\" target=\"_blank\">magnets</a>!",
"OWASP Juice Shop Sticker Page": "OWASP Juice Shop Sticker Page",
"Massive decoration opportunities with these OWASP Juice Shop or CTF Extension <a href=\"https://www.stickeryou.com/products/owasp-juice-shop/794\" target=\"_blank\">sticker pages</a>! Each page has 16 stickers on it.": "Massive decoration opportunities with these OWASP Juice Shop or CTF Extension <a href=\"https://www.stickeryou.com/products/owasp-juice-shop/794\" target=\"_blank\">sticker pages</a>! Each page has 16 stickers on it.",
"OWASP Juice Shop Sticker Single": "OWASP Juice Shop Sticker Single",
"Super high-quality vinyl <a href=\"https://www.stickeryou.com/products/owasp-juice-shop/794\" target=\"_blank\">sticker single</a> with the OWASP Juice Shop or CTF Extension logo! The ultimate laptop decal!": "Super high-quality vinyl <a href=\"https://www.stickeryou.com/products/owasp-juice-shop/794\" target=\"_blank\">sticker single</a> with the OWASP Juice Shop or CTF Extension logo! The ultimate laptop decal!",
"OWASP Juice Shop Temporary Tattoos (16pcs)": "OWASP Juice Shop Temporary Tattoos (16pcs)",
"Get one of these <a href=\"https://www.stickeryou.com/products/owasp-juice-shop/794\" target=\"_blank\">temporary tattoos</a> to proudly wear the OWASP Juice Shop or CTF Extension logo on your skin! If you tweet a photo of yourself with the tattoo, you get a couple of our stickers for free! Please mention <a href=\"https://twitter.com/owasp_juiceshop\" target=\"_blank\"><code>@owasp_juiceshop</code></a> in your tweet!": "Get one of these <a href=\"https://www.stickeryou.com/products/owasp-juice-shop/794\" target=\"_blank\">temporary tattoos</a> to proudly wear the OWASP Juice Shop or CTF Extension logo on your skin! If you tweet a photo of yourself with the tattoo, you get a couple of our stickers for free! Please mention <a href=\"https://twitter.com/owasp_juiceshop\" target=\"_blank\"><code>@owasp_juiceshop</code></a> in your tweet!",
"OWASP Juice Shop Mug": "OWASP Juice Shop Mug",
"Black mug with regular logo on one side and CTF logo on the other! Your colleagues will envy you!": "Black mug with regular logo on one side and CTF logo on the other! Your colleagues will envy you!",
"OWASP Juice Shop Hoodie": "OWASP Juice Shop Hoodie",
"Mr. Robot-style apparel. But in black. And with logo.": "Mr. Robot-style apparel. But in black. And with logo.",
"OWASP Juice Shop-CTF Velcro Patch": "OWASP Juice Shop-CTF Velcro Patch",
"4x3.5\" embroidered patch with velcro backside. The ultimate decal for every tactical bag or backpack!": "4x3.5\" embroidered patch with velcro backside. The ultimate decal for every tactical bag or backpack!",
"Woodruff Syrup \"Forest Master X-Treme\"": "Woodruff Syrup \"Forest Master X-Treme\"",
"Harvested and manufactured in the Black Forest, Germany. Can cause hyperactive behavior in children. Can cause permanent green tongue when consumed undiluted.": "Harvested and manufactured in the Black Forest, Germany. Can cause hyperactive behavior in children. Can cause permanent green tongue when consumed undiluted.",
"Green Smoothie": "Green Smoothie",
"Looks poisonous but is actually very good for your health! Made from green cabbage, spinach, kiwi and grass.": "Looks poisonous but is actually very good for your health! Made from green cabbage, spinach, kiwi and grass.",
"Quince Juice (1000ml)": "Quince Juice (1000ml)",
"Juice of the <em>Cydonia oblonga</em> fruit. Not exactly sweet but rich in Vitamin C.": "Juice of the <em>Cydonia oblonga</em> fruit. Not exactly sweet but rich in Vitamin C.",
"Apple Pomace": "Apple Pomace",
"Finest pressings of apples. Allergy disclaimer: Might contain traces of worms. Can be <a href=\"/#recycle\">sent back to us</a> for recycling.": "Finest pressings of apples. Allergy disclaimer: Might contain traces of worms. Can be <a href=\"/#recycle\">sent back to us</a> for recycling.",
"Fruit Press": "Fruit Press",
"Fruits go in. Juice comes out. Pomace you can send back to us for recycling purposes.": "Fruits go in. Juice comes out. Pomace you can send back to us for recycling purposes.",
"OWASP Juice Shop Logo (3D-printed)": "OWASP Juice Shop Logo (3D-printed)",
"This rare item was designed and handcrafted in Sweden. This is why it is so incredibly expensive despite its complete lack of purpose.": "This rare item was designed and handcrafted in Sweden. This is why it is so incredibly expensive despite its complete lack of purpose.",
"Juice Shop Artwork": "Juice Shop Artwork",
"Unique masterpiece painted with different kinds of juice on 90g/m² lined paper.": "Unique masterpiece painted with different kinds of juice on 90g/m² lined paper.",
"Global OWASP WASPY Award 2017 Nomnation": "Global OWASP WASPY Award 2017 Nomnation",
"Your chance to nominate up to three quiet pillars of the OWASP community ends 2017-06-30! <a href=\"https://www.owasp.org/index.php/WASPY_Awards_2017\">Nominate now!</a>": "Your chance to nominate up to three quiet pillars of the OWASP community ends 2017-06-30! <a href=\"https://www.owasp.org/index.php/WASPY_Awards_2017\">Nominate now!</a>",
"Strawberry Juice (500ml)": "Strawberry Juice (500ml)",
"Sweet & tasty!": "Sweet & tasty!",
"Carrot Juice (1000ml)": "Carrot Juice (1000ml)",
"As the old German saying goes: \"Carrots are good for the eyes. Or has anyone ever seen a rabbit with glasses?\"": "As the old German saying goes: \"Carrots are good for the eyes. Or has anyone ever seen a rabbit with glasses?\"",
"OWASP Juice Shop Sweden Tour 2017 Sticker Sheet (Special Edition)": "OWASP Juice Shop Sweden Tour 2017 Sticker Sheet (Special Edition)",
"10 sheets of Sweden-themed stickers with 15 stickers on each.": "10 sheets of Sweden-themed stickers with 15 stickers on each.",
"Pwning OWASP Juice Shop": "Pwning OWASP Juice Shop",
"<em>The official Companion Guide</em> by Björn Kimminich available <a href=\"https://leanpub.com/juice-shop\">for free on LeanPub</a> and <a href=\"https://bkimminich.gitbooks.io/pwning-owasp-juice-shop/content/\">readable online on GitBook</a>!": "<em>The official Companion Guide</em> by Björn Kimminich available <a href=\"https://leanpub.com/juice-shop\">for free on LeanPub</a> and <a href=\"https://bkimminich.gitbooks.io/pwning-owasp-juice-shop/content/\">readable online on GitBook</a>!",
"Melon Bike (Comeback-Product 2018 Edition)": "Melon Bike (Comeback-Product 2018 Edition)",
"The wheels of this bicycle are made from real water melons. You might not want to ride it up/down the curb too hard.": "The wheels of this bicycle are made from real water melons. You might not want to ride it up/down the curb too hard.",
"OWASP Juice Shop Coaster (10pcs)": "OWASP Juice Shop Coaster (10pcs)",
"Our 95mm circle coasters are printed in full color and made from thick, premium coaster board.": "Our 95mm circle coasters are printed in full color and made from thick, premium coaster board.",
"": "",
"CREATE TABLE `Addresses` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `fullName` VARCHAR(255), `mobileNum` INTEGER, `zipCode` VARCHAR(255), `streetAddress` VARCHAR(255), `city` VARCHAR(255), `state` VARCHAR(255), `country` VARCHAR(255), `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL, `UserId` INTEGER REFERENCES `Users` (`id`) ON DELETE SET NULL ON UPDATE CASCADE)": "CREATE TABLE `Addresses` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `fullName` VARCHAR(255), `mobileNum` INTEGER, `zipCode` VARCHAR(255), `streetAddress` VARCHAR(255), `city` VARCHAR(255), `state` VARCHAR(255), `country` VARCHAR(255), `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL, `UserId` INTEGER REFERENCES `Users` (`id`) ON DELETE SET NULL ON UPDATE CASCADE)",
"CREATE TABLE `BasketItems` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `quantity` INTEGER, `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL, `BasketId` INTEGER REFERENCES `Baskets` (`id`) ON DELETE CASCADE ON UPDATE CASCADE, `ProductId` INTEGER REFERENCES `Products` (`id`) ON DELETE CASCADE ON UPDATE CASCADE, UNIQUE (`BasketId`, `ProductId`))": "CREATE TABLE `BasketItems` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `quantity` INTEGER, `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL, `BasketId` INTEGER REFERENCES `Baskets` (`id`) ON DELETE CASCADE ON UPDATE CASCADE, `ProductId` INTEGER REFERENCES `Products` (`id`) ON DELETE CASCADE ON UPDATE CASCADE, UNIQUE (`BasketId`, `ProductId`))",
"CREATE TABLE `Baskets` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `coupon` VARCHAR(255), `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL, `UserId` INTEGER REFERENCES `Users` (`id`) ON DELETE SET NULL ON UPDATE CASCADE)": "CREATE TABLE `Baskets` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `coupon` VARCHAR(255), `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL, `UserId` INTEGER REFERENCES `Users` (`id`) ON DELETE SET NULL ON UPDATE CASCADE)",
"CREATE TABLE `Captchas` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `captchaId` INTEGER, `captcha` VARCHAR(255), `answer` VARCHAR(255), `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL)": "CREATE TABLE `Captchas` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `captchaId` INTEGER, `captcha` VARCHAR(255), `answer` VARCHAR(255), `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL)",
"CREATE TABLE `Cards` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `fullName` VARCHAR(255), `cardNum` INTEGER, `expMonth` INTEGER, `expYear` INTEGER, `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL, `UserId` INTEGER REFERENCES `Users` (`id`) ON DELETE SET NULL ON UPDATE CASCADE)": "CREATE TABLE `Cards` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `fullName` VARCHAR(255), `cardNum` INTEGER, `expMonth` INTEGER, `expYear` INTEGER, `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL, `UserId` INTEGER REFERENCES `Users` (`id`) ON DELETE SET NULL ON UPDATE CASCADE)",
"CREATE TABLE `Challenges` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `key` VARCHAR(255), `name` VARCHAR(255), `category` VARCHAR(255), `description` VARCHAR(255), `difficulty` INTEGER, `hint` VARCHAR(255), `hintUrl` VARCHAR(255), `solved` TINYINT(1), `disabledEnv` VARCHAR(255), `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL)": "CREATE TABLE `Challenges` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `key` VARCHAR(255), `name` VARCHAR(255), `category` VARCHAR(255), `description` VARCHAR(255), `difficulty` INTEGER, `hint` VARCHAR(255), `hintUrl` VARCHAR(255), `solved` TINYINT(1), `disabledEnv` VARCHAR(255), `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL)",
"CREATE TABLE `Complaints` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `message` VARCHAR(255), `file` VARCHAR(255), `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL, `UserId` INTEGER REFERENCES `Users` (`id`) ON DELETE SET NULL ON UPDATE CASCADE)": "CREATE TABLE `Complaints` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `message` VARCHAR(255), `file` VARCHAR(255), `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL, `UserId` INTEGER REFERENCES `Users` (`id`) ON DELETE SET NULL ON UPDATE CASCADE)",
"CREATE TABLE `Deliveries` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `name` VARCHAR(255), `price` FLOAT, `deluxePrice` FLOAT, `eta` FLOAT, `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL)": "CREATE TABLE `Deliveries` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `name` VARCHAR(255), `price` FLOAT, `deluxePrice` FLOAT, `eta` FLOAT, `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL)",
"CREATE TABLE `Feedbacks` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `comment` VARCHAR(255), `rating` INTEGER NOT NULL, `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL, `UserId` INTEGER REFERENCES `Users` (`id`) ON DELETE SET NULL ON UPDATE CASCADE)": "CREATE TABLE `Feedbacks` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `comment` VARCHAR(255), `rating` INTEGER NOT NULL, `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL, `UserId` INTEGER REFERENCES `Users` (`id`) ON DELETE SET NULL ON UPDATE CASCADE)",
"CREATE TABLE `ImageCaptchas` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `image` VARCHAR(255), `answer` VARCHAR(255), `UserId` INTEGER REFERENCES `Users` (`id`) ON DELETE NO ACTION ON UPDATE CASCADE, `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL)": "CREATE TABLE `ImageCaptchas` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `image` VARCHAR(255), `answer` VARCHAR(255), `UserId` INTEGER REFERENCES `Users` (`id`) ON DELETE NO ACTION ON UPDATE CASCADE, `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL)",
"CREATE TABLE `Memories` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `caption` VARCHAR(255), `imagePath` VARCHAR(255), `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL, `UserId` INTEGER REFERENCES `Users` (`id`) ON DELETE SET NULL ON UPDATE CASCADE)": "CREATE TABLE `Memories` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `caption` VARCHAR(255), `imagePath` VARCHAR(255), `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL, `UserId` INTEGER REFERENCES `Users` (`id`) ON DELETE SET NULL ON UPDATE CASCADE)",
"CREATE TABLE `PrivacyRequests` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `UserId` INTEGER REFERENCES `Users` (`id`) ON DELETE NO ACTION ON UPDATE CASCADE, `deletionRequested` TINYINT(1) DEFAULT 0, `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL)": "CREATE TABLE `PrivacyRequests` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `UserId` INTEGER REFERENCES `Users` (`id`) ON DELETE NO ACTION ON UPDATE CASCADE, `deletionRequested` TINYINT(1) DEFAULT 0, `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL)",
"CREATE TABLE `Products` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `name` VARCHAR(255), `description` VARCHAR(255), `price` DECIMAL, `deluxePrice` DECIMAL, `image` VARCHAR(255), `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL, `deletedAt` DATETIME)": "CREATE TABLE `Products` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `name` VARCHAR(255), `description` VARCHAR(255), `price` DECIMAL, `deluxePrice` DECIMAL, `image` VARCHAR(255), `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL, `deletedAt` DATETIME)",
"CREATE TABLE `PurchaseQuantities` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `quantity` INTEGER, `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL, `ProductId` INTEGER REFERENCES `Products` (`id`) ON DELETE SET NULL ON UPDATE CASCADE, `UserId` INTEGER REFERENCES `Users` (`id`) ON DELETE SET NULL ON UPDATE CASCADE)": "CREATE TABLE `PurchaseQuantities` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `quantity` INTEGER, `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL, `ProductId` INTEGER REFERENCES `Products` (`id`) ON DELETE SET NULL ON UPDATE CASCADE, `UserId` INTEGER REFERENCES `Users` (`id`) ON DELETE SET NULL ON UPDATE CASCADE)",
"CREATE TABLE `Quantities` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `quantity` INTEGER, `limitPerUser` INTEGER DEFAULT NULL, `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL, `ProductId` INTEGER REFERENCES `Products` (`id`) ON DELETE SET NULL ON UPDATE CASCADE)": "CREATE TABLE `Quantities` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `quantity` INTEGER, `limitPerUser` INTEGER DEFAULT NULL, `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL, `ProductId` INTEGER REFERENCES `Products` (`id`) ON DELETE SET NULL ON UPDATE CASCADE)",
"CREATE TABLE `Recycles` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `quantity` INTEGER(4), `isPickup` TINYINT(1) DEFAULT 0, `date` DATETIME, `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL, `UserId` INTEGER REFERENCES `Users` (`id`) ON DELETE SET NULL ON UPDATE CASCADE, `AddressId` INTEGER REFERENCES `Addresses` (`id`) ON DELETE SET NULL ON UPDATE CASCADE)": "CREATE TABLE `Recycles` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `quantity` INTEGER(4), `isPickup` TINYINT(1) DEFAULT 0, `date` DATETIME, `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL, `UserId` INTEGER REFERENCES `Users` (`id`) ON DELETE SET NULL ON UPDATE CASCADE, `AddressId` INTEGER REFERENCES `Addresses` (`id`) ON DELETE SET NULL ON UPDATE CASCADE)",
"CREATE TABLE `SecurityAnswers` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `answer` VARCHAR(255), `UserId` INTEGER UNIQUE REFERENCES `Users` (`id`) ON DELETE NO ACTION ON UPDATE CASCADE, `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL, `SecurityQuestionId` INTEGER REFERENCES `SecurityQuestions` (`id`) ON DELETE SET NULL ON UPDATE CASCADE)": "CREATE TABLE `SecurityAnswers` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `answer` VARCHAR(255), `UserId` INTEGER UNIQUE REFERENCES `Users` (`id`) ON DELETE NO ACTION ON UPDATE CASCADE, `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL, `SecurityQuestionId` INTEGER REFERENCES `SecurityQuestions` (`id`) ON DELETE SET NULL ON UPDATE CASCADE)",
"CREATE TABLE `SecurityQuestions` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `question` VARCHAR(255), `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL)": "CREATE TABLE `SecurityQuestions` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `question` VARCHAR(255), `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL)",
"CREATE TABLE `Users` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `username` VARCHAR(255) DEFAULT '', `email` VARCHAR(255) UNIQUE, `password` VARCHAR(255), `role` VARCHAR(255) DEFAULT 'customer', `lastLoginIp` VARCHAR(255) DEFAULT '0.0.0.0', `profileImage` VARCHAR(255) DEFAULT 'default.svg', `totpSecret` VARCHAR(255) DEFAULT '', `isActive` TINYINT(1) DEFAULT 1, `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL, `deletedAt` DATETIME)": "CREATE TABLE `Users` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `username` VARCHAR(255) DEFAULT '', `email` VARCHAR(255) UNIQUE, `password` VARCHAR(255), `role` VARCHAR(255) DEFAULT 'customer', `lastLoginIp` VARCHAR(255) DEFAULT '0.0.0.0', `profileImage` VARCHAR(255) DEFAULT 'default.svg', `totpSecret` VARCHAR(255) DEFAULT '', `isActive` TINYINT(1) DEFAULT 1, `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL, `deletedAt` DATETIME)",
"CREATE TABLE `Wallets` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `balance` INTEGER DEFAULT 0, `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL, `UserId` INTEGER REFERENCES `Users` (`id`) ON DELETE SET NULL ON UPDATE CASCADE)": "CREATE TABLE `Wallets` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `balance` INTEGER DEFAULT 0, `createdAt` DATETIME NOT NULL, `updatedAt` DATETIME NOT NULL, `UserId` INTEGER REFERENCES `Users` (`id`) ON DELETE SET NULL ON UPDATE CASCADE)",
"CREATE TABLE sqlite_sequence(name,seq)": "CREATE TABLE sqlite_sequence(name,seq)"
}