Course
In this exercise, you will learn how to exploit the jku header in JWT tokens to forge a token and become an admin. This involves creating a public key that the application will trust and signing the token with the corresponding private key.
Skills covered
Injection
Authentication
Cryptography
Operating System
Network
Topics
JWT
CWE-310