OAuth2 Predictable State: Exploitation

In this video, we explore the OAuth2 Predictable State exercise from the Authentication and Authorization badge. We demonstrate how to exploit predictable states in OAuth2 by brute-forcing the state parameter.

Video duration: 12:48. Views: 761.