JWT XIV: Exploitation part 1 in Ruby

image of exercise JWT XIV: Exploitation part 1 in Ruby
Access to videos for this exercise is only available with PentesterLab PRO GOPRO
Spoiler
JWT XIV: Exploitation part 1 in Ruby

In this video, we tackle the JWT 14 challenge, demonstrating how to exploit algorithm confusion with ECDSA in Ruby. Using a JWT token, we recover the public key and sign a new token, gaining admin access.

video duration icon07:27 number of views icon60