Lua-Resty-JWT Authentication Bypass
Lua-Resty-JWT Authentication Bypass
insinuator.net Lua-Resty-JWT Authentication Bypass
I was writing some challenges for PacketWars at TROOPERS22. One was intended to be a JWT key confusion challenge where the public key from an RSA JWT should be recovered and used to sign a symmetric JWT. For that, I was searching for a library vulnerable to JWT key confusion by default and found lua...
0
comments