This repository has been archived by the owner on Feb 22, 2023. It is now read-only.

Anomalous-Sentiment/oauth-vulnerability-demo


oauth-vulnerability-demo

A simplified demo of the OAuth 1.0 session fixation vulnerability

Usage

Ensure that Docker is installed on your system, then:

  • Run the following command in the root directory: docker compose up
  • Visit the consumer client app at http://localhost:4000
  • Visit the service provider app at http://localhost:8100
  • Stop the Docker containers using the command: docker compose down
  • Remove the containers by using the command: docker compose rm -f
  • Reset the client consumer database by stopping the containers, and running the above command, followed by: docker volume prune
  • Reset the service provider database by deleting all files in the db/mysql/data directory

Branches

This repository has 2 branches. The main branch contains the program using the vulnerable version of OAuth 1.0, while the 1.0a-Patch branch contains the program using the patched version of OAuth, known as OAuth 1.0a.

To view the main branch, use the command:

  • git checkout main

To view the patched branch, use the command:

  • git checkout 1.0a-Patch
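
The difference between the two branches comes down to one provider-side check. The following is an added example, not code from this repository: a toy in-memory service provider in Python showing the oauth_verifier check that OAuth 1.0a adds to the access token exchange. The Provider class, its method names, the callback path and the user name are all assumptions made for illustration.

```python
import hmac
import secrets

class Provider:
    """Toy in-memory service provider (hypothetical; not the repo's code)."""

    def __init__(self, require_verifier):
        self.require_verifier = require_verifier  # True models OAuth 1.0a
        self.tokens = {}

    def request_token(self, callback):
        # 1.0a registers the callback here, before any user is involved.
        token = secrets.token_urlsafe(16)
        self.tokens[token] = {"callback": callback, "user": None, "verifier": None}
        return token

    def authorize(self, token, user):
        # The logged-in user approves the request token.
        entry = self.tokens[token]
        entry["user"] = user
        entry["verifier"] = secrets.token_urlsafe(16)
        # The verifier is handed only to the registered callback, through
        # the browser of the user who actually approved the request.
        return entry["callback"], entry["verifier"] if self.require_verifier else None

    def access_token(self, token, verifier=None):
        entry = self.tokens.get(token)
        if entry is None or entry["user"] is None:
            raise PermissionError("request token not authorized")
        if self.require_verifier:
            if verifier is None or not hmac.compare_digest(verifier, entry["verifier"]):
                raise PermissionError("missing or wrong oauth_verifier")
        del self.tokens[token]  # request tokens are single use
        return {"user": entry["user"], "access_token": secrets.token_urlsafe(16)}


def exchange_without_verifier(require_verifier):
    """Return True if an authorized request token alone yields an access token."""
    sp = Provider(require_verifier)
    token = sp.request_token("http://localhost:4000/callback")  # constructed URL
    sp.authorize(token, user="alice")  # constructed user
    try:
        sp.access_token(token)
        return True
    except PermissionError:
        return False
```

With require_verifier=False the exchange succeeds for anyone holding the request token once it has been approved; with require_verifier=True it fails unless the caller also presents the verifier issued at approval time.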
