Resources
People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!
SAML is a protocol that lets an identity provider (IdP) pass a user's authorization credentials to a service provider (SP). OAuth is a similar protocol.
SAML expresses and verifies its claims in XML. A user's id is used to build the claim that represents that specific user.
The user is verified at TWO different points, in TWO different ways. By abusing the difference between these two verification steps, a valid user can trick the process into thinking they are any other user.
The trick was to use comments in the XML to make the two parsers behave differently. This is NOT the first time this exact issue has been seen.