SAML: Comment Injection


This exercise covers the exploitation of a comment injection vulnerability in SAML.

PRO | Medium | < 1 Hr. | 1705 | Authentication / Authorization Badge
Course

This course demonstrates the exploitation of an insecure SAML implementation, allowing a malicious user to become another user by manipulating the Identity Provider to create an assertion that is parsed differently by the Service Provider.

Skills covered
Injection, Authentication, Cryptography
Included with PRO
Full course content 2 videos
