2 Videos for OAuth2: Predictable State

This video covers the OAuth2 Predictable State exercise, part of the Authorization and Authentication Badge. It demonstrates how OAuth2 can be exploited if the state parameter is predictable, allowing attackers to link their account with a victim's account.

In this video, we explore the OAuth2 Predictable State exercise from the Authentication and Authorization badge. We demonstrate how to exploit predictable states in OAuth2 by brute-forcing the state parameter.