OAuth 2.0 for Hackers (Part 2): How to Hack With Insecure OAuth 2 Endpoints
Рет қаралды 1,162
Күн бұрын
@ethicalpap 2 ай бұрын
Yall, I got a new camera and didn't realize it was zoomed into my face so much, until after the fact. Enjoy the close up.
@GreatAllen-p4m 2 ай бұрын
no problem fam
@brandonkimm2227 2 ай бұрын
as a fellow IT dude realizing how underesprented i am in the field, I came here for this
@kittoh_ 2 ай бұрын
Awesome stuff boss! Waiting for part III. 💯
@abduldione1524 2 ай бұрын
great content
@cheffloppa1 2 ай бұрын
🔥
@systemsadministrator2419 2 ай бұрын
🎉
@disrael2101 2 ай бұрын
sir are you offering any reverse eng bootcamp by any chance? i'm willing to enroll and pay for it!
@uzumakiuchiha7678 2 ай бұрын
Provide link to part 1 in description please
@ethicalpap 2 ай бұрын
Done!
@jpphoton 2 ай бұрын
client id is a weak point over http .. oauth perhaps could be further constrained by imposing a http header say like x-forwarded-for .. but that can be spoofed .. so it ends up being forever non-deterministic .. otherwise we'd have already locked it down .. but alas
@ethicalpap 2 ай бұрын
Yep! Client-ID In cleartext is very bad and x-forwarded-for can also lead to SSRF. Love the input here!
@StynerDevHub 2 ай бұрын
🎉🎉🎉
NDC Conferences
Рет қаралды 15 М.