OAuth2: Predictable State

This exercise covers the exploitation of a predictable state in an OAuth2 client.

PRO Hard 2-4 Hrs. 300 Authentication / Authorization Badge
Course

This course covers the exploitation of an insecure OAuth2 Client that relies on a predictable state parameter. By chaining this with a CSRF vulnerability, you can take over an account linked via OAuth2.

Skills covered
Authentication
Included with PRO
Full course content 2 videos
