Open Redirect Leading to OAuth Access Token Disclosure!

preview_player
Показать описание
👩‍🎓👨‍🎓 Learn about Open Redirect vulnerabilities. In this video, we are going to use an open redirect vulnerability and chain it with some others to extract an OAuth access token, which can be further used to obtain sensitive information.

Overview:
00:00 Intro
00:13 Lab overview
02:10 Discover Directory Traversal
04:59 Discover Open Redirect
07:04 Set Up Attacker's Page
09:16 Build Information Disclosure Script
10:49 Try Out Exploit
12:15 Solve The Lab
12:59 Conclusion

---

  1. Intigriti
  2. intigriti
  3. hackademy
  4. vulnerability
  5. enablement
  6. education
Рекомендации по теме
Open Redirect Leading 0:15:36

Open Redirect Leading to OAuth Access Token Disclosure!

Hijacking account with 0:07:30

Hijacking account with Open Redirect in OAuth 2.0 | Stealing Access Tokens |

Open Redirect Vulnerability 0:08:34

Open Redirect Vulnerability Explained

Open redirect in 0:01:22

Open redirect in #Codechef​ due to OAuth misconfiguration - POC Video #bugbounty #vulnerability

BUG Bounty -Improper 0:01:29

BUG Bounty -Improper Authorisation of OAuth which leads to Open Redirection, XSS & Account Take ...

Stealing OAuth access 0:13:42

Stealing OAuth access tokens via an open redirect (Video solution, Audio)

(techgig.com)POC -Oauth Token 0:02:23

(techgig.com)POC -Oauth Token stealing via Open Redirect Vulnerability at techgig com

21.5 Lab: Stealing 0:08:15

21.5 Lab: Stealing OAuth access tokens via an open redirect - Karthikeyan Nagaraj | 2024

OAuth Account Take 0:01:29

OAuth Account Take Over ,Open Redirect, XSS &

Stealing OAuth access 0:03:32

Stealing OAuth access tokens via an open redirect

Open redirection due 0:01:59

Open redirection due to OAuth misconfiguration - Mail.ru #Bugbounty_POC

what is an 0:07:26

what is an open redirect vulnerability? (intermediate) anthony explains #389

OPEN REDIRECTOIN TUTORIAL: 0:03:34

OPEN REDIRECTOIN TUTORIAL: HUNTING ON LIVE WEBSITE

OAuth 2 Explained 0:04:32

OAuth 2 Explained In Simple Terms

Stealing OAuth access 0:04:45

Stealing OAuth access tokens via an open redirect | Web Security Academy

Open Redirection Leads 0:04:32

Open Redirection Leads to Account Takeover || POC Video || Bug Bounty || Mission1920

Oauth Open Redirect 0:00:24

Oauth Open Redirect On www.similarweb.com

Stealing OAuth access 0:07:59

Stealing OAuth access tokens via an open redirect-Web Security Academy

How to Prevent 0:03:31

How to Prevent Open Redirects in your Applications

$1000 open redirect 0:02:46

$1000 open redirect | Bug Bounty POC 2023

Unvalidated Redirects/ Open 0:02:32

Unvalidated Redirects/ Open Redirect Vulnerability on VK Oauth Login

Portswigger OAuth authentication: 0:11:26

Portswigger OAuth authentication: Stealing OAuth access tokens via an open redirect #79

AMAZING Open redirect 0:02:53

AMAZING Open redirect bypass! 10/10 - Would bypass again

Open Redirect Vulnerabilities 0:43:17

Open Redirect Vulnerabilities Explained: Security Weekly

Комментарии
Автор

Thanks very much. You explained this vulnerability so flawlessly.

bertrandfossung
Автор

Thanks, hoping to get more from Intigriti...

phinehasantwi
Автор

Please check your mic. It always creates high pitch sound and the end of the word when you talk. Hurt my ear a lot. Check it with your earphone on.
Tho, good content. Ty

huyvuquang
Автор

I dont really know why i dont have a # mark and the exploit still workin

TheHexix
Автор

i am still unable to understand the js code,

window.location =

mnageh-bomm
Автор

Hii This Video Was Really Helpful But i have a question can we use burp collaborator link instead of exploit server url if not then how can we make our own exploit server for real world scenario Thanks.

Rounak_Bania
Автор

bal toamr sound thik koro! kane lage onek! vabio na j respect korbo

ntf.sadnan