3 Videos for JWT kid Injection

PRO
Tier
Medium
1-2 Hrs.
2826
Blue Badge
image of exercise JWT III - Introduction
Access to videos for this exercise is only available with PentesterLab PRO GOPRO
JWT III - Introduction

In this video, we delve into the JWT III exercise, focusing on the 'kid' parameter in the JWT header. This lesson demonstrates how to exploit directory traversal to bypass JWT signature verification and gain unauthorized access.

video duration icon02:24 number of views icon3637

 

image of exercise JWT III: Exploitation
Access to videos for this exercise is only available with PentesterLab PRO GOPRO
Spoiler
JWT III: Exploitation

In this video, we explore the exploitation of JSON Web Tokens (JWT) by manipulating the key ID to inject data and bypass the signature verification process. This exercise demonstrates techniques to generate an exploit that leverages directory traversal and predictable file content to achieve unauthorized access.

video duration icon09:39 number of views icon4484

 

image of exercise JWT III: Exploitation using Python 2 and Python 3
Access to videos for this exercise is only available with PentesterLab PRO GOPRO
Spoiler
JWT III: Exploitation using Python 2 and Python 3

In this video, we cover the exercise JWT III, part of the blue badge on PentesterLab. We demonstrate how to exploit JSON Web Tokens (JWT) using Python 2 and Python 3, including using Docker for Python 3 compatibility.

video duration icon12:38 number of views icon2526