2 Videos for OAuth2: Authorization Server XSS II

Tier: PRO
Difficulty: Hard
Time: < 1 Hr.
Users completed: 255
Access to videos for this exercise is only available with PentesterLab PRO.
OAuth2 XSS Authorization Server II: Introduction

In this video, we delve into the OAuth2 exercise within the authorization server challenge, part of the authentication and authorization badge. We explore the intricacies of OAuth2 authorization code flow and demonstrate how to exploit XSS vulnerabilities to gain unauthorized access to resources.

Duration: 03:55, views: 373

OAuth2 XSS Authorization Server II: Exploitation with an iframe

In this video, we dive into exploiting XSS on an OAuth2 Authorization Server using an iframe to automate the authorization process. We demonstrate how to create a malicious OAuth application, leverage XSS to perform a CSRF attack, and ultimately retrieve an authorization token.

Duration: 05:42, views: 560