Back to directory
WRITEUP #871

mTLS: When certificate authentication is done wrong

SSRFmTLSImproper Certificate ValidationLDAP injection
by@artsploit(Michael Stepankin)
Program
KeycloakBouncy CastleApereo CAS
Published
Aug 17, 2023
Added to HackDex
Aug 21, 2023
Read Full Writeuphttps://github.blog/2023-08-17-mtls-when-certificate-authentication-is-done-wrong/
RELATED WRITEUPS
Directory Traversal, SQL Injection and Server-Side Request Forgery
SQL InjectionPath traversal
IIS welcome page to source code review to LFI!
SSRFLFI
NTLM Credential Theft in Python Windows Applications
SSRFNTLMv2 hash disclosure
Vulnerabilities in Homepage Dashboard
RCESSRF
SSRFing the Web with the help of Copilot Studio
SSRF

Built with ❤️ by Shubham Rawat