JWT Algorithm Confusion with RSA Public Key Recovery

Bookmarked!

This exercise covers the exploitation of algorithm confusion when no public key is available

PRO Hard < 1 Hr. 211 Brown Badge

Course

This course focuses on exploiting a vulnerability in JSON Web Token (JWT) used for authentication. It demonstrates how to manipulate the JWT's signature algorithm to gain unauthorized access.

Topics

JWT

cwe-310

Included with PRO

Full course content 3 videos

Ready to practice?

Get access to this lab and 600+ hands-on exercises with a PRO subscription.

Go PRO or create a free account