SAML: Comment Injection

Bookmarked!

This exercise covers the exploitation of a comment injection vulnerability in SAML

PRO Medium < 1 Hr. 1767 Authentication / Authorization Badge
Course

This course demonstrates the exploitation of an insecure SAML implementation, allowing a malicious user to become another user by manipulating the Identity Provider to create an assertion that is parsed differently by the Service Provider.

Skills covered
Injection Authentication Cryptography
Included with PRO
Full course content 2 videos

This lab is free this month. Register to start hacking.

Register free