PT0-003 · Question #218
PT0-003 Question #218: Real Exam Question with Answer & Explanation
The correct answer is C: A replay attack against the authentication flow in the system. OpenID Connect (OIDC) with OAuth allows applications to authenticate users using third-party identity providers (IdPs). If dynamic registration is enabled, attackers can abuse this feature to capture and replay authentication requests. Attackers capture legitimate authentication
Question
A penetration tester is performing an assessment focused on attacking the authentication identity provider hosted within a cloud provider. During the reconnaissance phase, the tester finds that the system is using OpenID Connect with OAuth and has dynamic registration enabled. Which of the following attacks should the tester try first?
Options
- AA password-spraying attack against the authentication system
- BA brute-force attack against the authentication system
- CA replay attack against the authentication flow in the system
- DA mask attack against the authentication system
Explanation
OpenID Connect (OIDC) with OAuth allows applications to authenticate users using third-party identity providers (IdPs). If dynamic registration is enabled, attackers can abuse this feature to capture and replay authentication requests. Attackers capture legitimate authentication tokens and reuse them to impersonate users. OIDC uses JWTs (JSON Web Tokens), which may not expire quickly, making replay attacks highly
Topics
Community Discussion
No community discussion yet for this question.