Attacking Authentication Mechanisms
Skills Assessment
Scenario
You are tasked to perform a security assessment of a client's web application. For the assessment, the client has granted you access to a low-privilege user: htb-stdnt:AcademyStudent!. Apply what you have learned in this module to obtain the flag.
/ 1 spawns left
Waiting to
start...
Questions
Answer the question(s) below to complete this Section and earn cubes!
Click here to spawn the target system!
Target:
Click here to spawn the target system!
Authenticate to with user "htb-stdnt" and password "AcademyStudent!"
+10 Streak pts
Table of Contents
Introduction to Authentication Mechanisms
Introduction to Authentication MechanismsJWTs
Introduction to JWTs Attacking Signature Verification Attacking the Signing Secret Algorithm Confusion Further JWT Attacks JWT Tools of the Trade & Vulnerability PreventionOAuth
Introduction to OAuth OAuth Lab Setup Stealing Access Tokens Improper CSRF Protection Additional OAuth Vulnerabilities OAuth Vulnerability PreventionSAML
Introduction to SAML SAML Lab Setup Signature Exclusion Attack Signature Wrapping Attack Additional SAML Vulnerabilities SAML Tools of the Trade & Vulnerability PreventionSkills Assessment
Skills AssessmentMy Workstation
OFFLINE
/ 1 spawns left
