3 Videos for JWT IV

PRO
Tier
difficulty_medium_icon
Medium
clock icon
< 1 Hr.
number of users completed icon
2648
badge icon
Blue Badge
image of exercise JWT IV - Introduction
play btn
Access to videos for this exercise is only available with PentesterLab PRO GOPRO
JWT IV - Introduction

In this video, we cover the exercise JWT 4 from the blue badge series. You'll learn about the key ID parameter in JWT headers and how its injection can lead to remote command execution.

video duration icon02:14 number of views icon1871

 

image of exercise JWT IV - Exploitation
play btn
Access to videos for this exercise is only available with PentesterLab PRO GOPRO
Spoiler
JWT IV - Exploitation

In this video, we cover the exploitation technique for JWT (JSON Web Token) vulnerabilities as part of the blue badge exercises. We explore how to manipulate the key ID in the JWT header to achieve command execution through improper use of Ruby's open function.

video duration icon08:39 number of views icon2146

 

image of exercise JWT IV: Exploitation in Python 2 and 3
play btn
Access to videos for this exercise is only available with PentesterLab PRO GOPRO
Spoiler
JWT IV: Exploitation in Python 2 and 3

In this video, we delve into the JWT IV exercise from the blue badge series on PentesterLab. We demonstrate how to gain code execution using Python 2 and 3 by exploiting JWT tokens.

video duration icon09:03 number of views icon1498