2 Videos for OAuth2: Predictable State

Tier: PRO | Difficulty: Hard | Time: 2-4 Hrs. | Completed by: 275 users
Access to videos for this exercise is only available with PentesterLab PRO.
OAuth2 predictable state: Introduction

This video covers the OAuth2 Predictable State exercise, part of the Authorization and Authentication Badge. It demonstrates how OAuth2 can be exploited if the state parameter is predictable, allowing attackers to link their account with a victim's account.

Duration: 07:21 | Views: 647

 

Spoiler
OAuth2 Predictable State: Exploitation

In this video, we explore the OAuth2 Predictable State exercise from the Authentication and Authorization badge. We demonstrate how to exploit predictable states in OAuth2 by brute-forcing the state parameter.

Duration: 12:48 | Views: 773