Authentication Failures
Login is a feature. Auth is a system.
Chapter 07 of the roadmap. Work through each walkthrough below, or browse every topic.
- JWT Weak Secret: Cracking the Key to Forge Admin Access in OopsSec Store
  Exploiting a JWT implementation that uses a weak signing secret to crack the key, forge admin credentials, and access restricted endpoints.
- Brute Force Attack: Exploiting a Login Endpoint With No Rate Limiting
  Brute forcing a user password through an unprotected login endpoint using rockyou.txt.
- Session Fixation: Hijacking an Admin Account Through Support Access
  Exploiting a mass assignment flaw in a support access token endpoint to generate a session for the admin account and access the admin dashboard.
- Insecure Password Reset: Predictable Token Forgery
  Exploiting a predictable password reset token generation mechanism to take over any user account.