Course
This course delves into the exploitation of an insecure SAML implementation, allowing a malicious user to become another user by tampering with the SAMLResponse. It focuses on a vulnerability in the JavaScript library passport-saml, referenced as CVE-2022-39299.
Skills covered
Injection
Authentication
Cryptography