OAuth2: State Fixation

Bookmarked!

This exercise covers the exploitation of a state fixation in an OAuth2 Client

PRO Medium 1-2 Hrs. 414 Authentication / Authorization Badge

Course

This course details the exploitation of an insecure OAuth2 Client vulnerable to a state fixation vulnerability. By chaining this with a CSRF attack, it is possible to take over a victim's account.

Skills covered

Authentication Operating System

Included with PRO

Full course content 2 videos

Ready to practice?

Get access to this lab and 600+ hands-on exercises with a PRO subscription.

Go PRO or create a free account