2 Videos for OAuth2: Authorization Server XSS II

Access to videos for this exercise is only available with PentesterLab PRO
OAuth2 XSS Authorization Server II: Introduction
In this video, we delve into the OAuth2 exercise within the authorization server challenge, part of the authentication and authorization badge. We explore the intricacies of the OAuth2 authorization code flow and demonstrate how to exploit XSS vulnerabilities to gain unauthorized access to resources.

OAuth2 XSS Authorization Server II: Exploitation with an iframe
In this video, we dive into exploiting XSS on an OAuth2 Authorization Server using an iframe to automate the authorization process. We demonstrate how to create a malicious OAuth application, leverage XSS to perform a CSRF attack, and ultimately retrieve an authorization token.