Tag: authentication
All the articles with the tag "authentication".
-
Insecure Password Reset: Predictable Token Forgery
Exploit a predictable password reset token generation mechanism to take over any user account.
-
JWT Weak Secret: Cracking the Key to Forge Admin Access in OopsSec Store
Exploiting a JWT implementation that uses a weak signing secret to crack the key, forge admin credentials, and access restricted endpoints.
