editing juice shop for locust load testing


Nobu Taka

Oct 22, 2023, 7:29:04 AM
to ZAP User Group
I am trying to use Juice Shop as the target app for OWASP ZAP cyber attacks to make datasets that indicate anomalies for NVIDIA Morpheus autoencoders. Before that I am using Locust to mimic normal users and tried to edit the code so quantities of products don't run out. Here is my Trello board for changes I made: https://chat.openai.com/share/72c6619c-fb32-48ef-9117-f59c6f90ca66

I have a Locust script that mimics normal behavior, but as soon as I make those changes to have a high starting quantity and for infinite quantities, I start getting 400 and 500 errors.

Is there a version of Juice Shop that is built for this kind of thing?

Or can someone point me in the right direction?

ChatGPT says,
"Certainly. Given that the HTTP 400 and 500 errors are mainly originating from the `/api/BasketItems/` endpoint, I would focus on the server-side logic associated with basket items. This typically involves the route handlers, the service layer, and the database model for basket items.

1. **Route Handlers**: Review the logic within the `routes/basketItems.ts` file. Check if there are any specific validations or conditions that might lead to a 400 or 500 error. For example, the function `quantityCheckBeforeBasketItemAddition` checks for quantity constraints. If this check fails, it could result in a 400 error.

2. **Service Layer**: If there's a service layer responsible for the business logic related to basket items, scrutinize this layer to identify any conditions or validations that could throw an error. This could be within a function that handles the addition or modification of basket items.

3. **Database Model**: The database model for basket items (`BasketItemModel`) may have constraints or triggers that could cause an operation to fail. Inspect the Sequelize model for any validations that could fail and result in an error.

4. **Exception Handling**: Ensure that the route handlers have adequate exception handling to catch and log any errors. This can help in diagnosing the issue.

5. **Logging**: If possible, increase the logging level on the server to capture more details about incoming requests and errors. This can provide more context for debugging the issue.

6. **SQL Queries**: Given that you are seeing errors related to SQLite in your logs, it might be worth checking the SQL queries being executed. Sequelize provides a way to log SQL queries, which might help you debug the issue further.

Would you like to dive deeper into any of these areas? Feel free to share relevant parts of the code if you need specific guidance."

thc...@gmail.com

Oct 22, 2023, 9:02:19 AM
to zaprox...@googlegroups.com
Hi,

This seems to be a question for Juice Shop.
https://owasp.org/www-project-juice-shop/ (see community section)

Best regards.