Back to directory
WRITEUP #1565

Hacking our way into internal DBs with hardcoded authentication keys

Auth BypassJWTSSOAuthentication bypassSecurity misconfiguration
by@OphionSecurity(Ophion Security)
Program
-
Published
Feb 13, 2023
Added to HackDex
Feb 16, 2023
Read Full Writeuphttps://ophionsecurity.com/blog/hacking-our-way-into-an-internal-db
RELATED WRITEUPS
Plug Security Holes in React Apps That Can Lead to API Exploitation
Auth BypassSSO
Forced SSO Session Fixation
Auth BypassSSO
Breaking the Barrier: Admin Panel Takeover Worth $3500
Auth BypassAuthentication bypass
SAML Authentication Bypass Leading to Admin Panel Access
Auth BypassSAML
Breaking Down Barriers: Exploiting Authenticated IPC Clients
Auth BypassIPC client

Built with ❤️ by Shubham Rawat