API 03

Bookmarked!

This exercise is the API version of an exercise you already solved in another badge. You should use it to get more confident with discovering vulnerabilities without any hint on what to look for.

PRO Easy < 1 Hr. 2452 API Badge

Course

In this challenge, your goal is to find the vulnerability that will allow you to access the key stored as a secret in the admin account. Use your testing skills to retrieve it by exploiting the JWT token's weak signature.

Skills covered

Authentication

Topics

API

CWE-327

Included with PRO

Full course content 1 video

Ready to practice?

Get access to this lab and 600+ hands-on exercises with a PRO subscription.

Go PRO or create a free account