4 Videos for CVE-2022-21449

In this video, we introduce the challenge CVE-2022-21449, which involves bypassing ECDSA signatures in Java versions 15 through 18. The focus is on generating a JWT token with a specific malicious signature to exploit this vulnerability.

In this video, we cover the challenge CVE-2022-21449 as part of the brown badge series. We demonstrate how to generate an ECDSA signature with r and s values set to zero using Ruby.

In this video, we cover the exploitation of CVE-2022-21449 using Python. The objective is to generate a blank ECDSA signature with R and S set to zero to log in as admin@libcurl.so.

In this video, we cover the final step of exploiting CVE-2022-21449 as part of the Brown Badge series. We demonstrate logging in, manipulating cookies, and leveraging encoding techniques to successfully complete the challenge.