Support SimpleSAMLphp Nov2019 auth bypass vuln #47

Open
minispooner opened this issue Sep 22, 2020 · 3 comments
Comments

@minispooner

The popular SAML library SimpleSAMLphp had an auth bypass vuln in Nov 2019 here. This is a novel XSW attack that could be added into SAMLRaider functionality. I was able to manually replicate and exploit the vulnerability in a few vulnerable applications and can walk through the specifics. I don't know Java very well though - I'm a Python developer. Maybe I can hack up some code and submit a PR to do this myself over Christmas break this year...

@minispooner changed the title from "Support SimpleSAMLphp Nov2019 auth bypass buln" to "Support SimpleSAMLphp Nov2019 auth bypass vuln" on Sep 22, 2020
@emanuelduss
Member

Implemented in #49. Will be available in the next version.

@emanuelduss
Member

The current implementation does not work. See #49 (comment).
