3 Videos for CVE-2018-0114

PRO
Tier
difficulty_hard_icon
Hard
clock icon
2-4 Hrs.
number of users completed icon
1827
badge icon
Blue Badge
image of exercise CVE-2018-0114 - Introduction
play btn
Access to videos for this exercise is only available with PentesterLab PRO GOPRO
CVE-2018-0114 - Introduction

In this video, we delve into the CVE-2018-0114 vulnerability within the context of JWT tokens. The focus is on understanding how the JWT structure works and how the Cisco Node Jose library improperly trusted embedded keys for signature verification, leading to potential security risks.

video duration icon04:18 number of views icon2246

 

image of exercise CVE-2018-0114 - Exploitation
play btn
Access to videos for this exercise is only available with PentesterLab PRO GOPRO
Spoiler
CVE-2018-0114 - Exploitation

In this video, we dive into the exploitation of CVE-2018-0114 as part of the Blue Badge series. We'll walk through the process of registering, retrieving and decoding a JWT token, and ultimately crafting a payload to achieve administrative access.

video duration icon11:44 number of views icon2243

 

image of exercise CVE-2018-0114: Exploitation in Python 3
play btn
Access to videos for this exercise is only available with PentesterLab PRO GOPRO
Spoiler
CVE-2018-0114: Exploitation in Python 3

In this video, we delve into the exploitation of CVE-2018-0114 using Python 3. This vulnerability allows attackers to embed a key inside the header of a JWT, which the Cisco "jose" library will then trust. The exercise demonstrates how to craft an exploit to take advantage of this flaw.

video duration icon12:49 number of views icon1893