Sign in Create Account

3 Videos for SAML: Known Key

PRO
Tier
Medium
Medium
541 completed
Return to Exercise
image of exercise SAML IV: Introduction

This video requires PentesterLab PRO

GO PRO
SAML IV: Introduction

In this video, we provide an introduction to the SAML IV challenge, part of the authentication and authorization badge. We discuss how SAMLResponses are signed with a private key and how default keys and certificates can be exploited to tamper with these responses.

video duration icon01:42 number of views icon643

 

image of exercise SAML IV: Finding the private key by using the certificate in a SAMLResponse

This video requires PentesterLab PRO

GO PRO
Spoiler
SAML IV: Finding the private key by using the certificate in a SAMLResponse

In this video, we explore the SAML IV challenge from the authentication and authorization badge. We demonstrate how to extract a certificate from a SAML Response and determine if the application uses a default certificate and private key to sign the response.

video duration icon05:16 number of views icon989

 

image of exercise SAML IV: Exploitation with SAML Raider

This video requires PentesterLab PRO

GO PRO
Spoiler
SAML IV: Exploitation with SAML Raider

In this video, we cover the exploitation of SAML vulnerabilities using SAML Raider. We demonstrate how to use Burp Suite and SAML Raider to manipulate SAML assertions and gain unauthorized access.

video duration icon02:42 number of views icon787