blueteamsecEnglish · 2 months ago

The Fragile Lock: Novel Bypasses For SAML Authentication

portswigger.net

1

cross-posted to:
lobsters@lemmy.bestiver.se

9

The Fragile Lock: Novel Bypasses For SAML Authentication

portswigger.net

blueteamsecEnglish · 2 months ago

1

cross-posted to:
lobsters@lemmy.bestiver.se

The Fragile Lock: Novel Bypasses For SAML Authentication

portswigger.net

TLDR This post shows how to achieve a full authentication bypass in the Ruby and PHP SAML ecosystem by exploiting several parser-level inconsistencies: including attribute pollution, namespace confusi

You must log in or # to comment.

Chat

moonpiedumplings@programming.dev
link
fedilink
English
arrow-up
3·
2 months ago
This post is a pretty good overview of why oauth2/openid are more popular.

Not to say that oauth/openid have never ever had vulnerabilities of their own, but there is a big difference between “accept these configurations” and what saml is, which is “parse this xml”.

blueteamsec

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !blueteamsec@infosec.pub

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

7 users / day
72 users / week
265 users / month
926 users / 6 months
219 local subscribers
603 subscribers
2.18K Posts
169 Comments
Modlog

mods:
digicat