Course
In this exercise, you'll learn to exploit CVE-2018-0114, a vulnerability in Cisco's node-jose library, allowing attackers to forge JWT tokens by embedding a public key in the token header. You'll create and sign tokens using OpenSSL and Python, ultimately gaining unauthorized access as an admin.
Skills covered
Authentication
Authorisation
Cryptography
Topics
JWT
CWE-347
Included with PRO
Full course content
3 videos
Ready to practice?
Get access to this lab and 600+ hands-on exercises with a PRO subscription.
