JWT kid Injection

This exercise covers the exploitation of an issue in the usage of JWT tokens.

PRO Medium 1-2 Hrs. 2961 Blue Badge
Course

This course explores the exploitation of a vulnerability in the use of JSON Web Tokens (JWT) for authentication, specifically focusing on manipulating the kid parameter to gain administrator access. This exercise was originally a challenge in the complex and highly-regarded BitcoinCTF Capture-The-Flag competition.

Skills covered
Injection, Authentication, Cryptography, Operating System
Topics
JWT
cwe-310
Included with PRO
Full course content 3 videos