This repository was archived by the owner on Dec 13, 2024. It is now read-only.

ambravo/lameathon

AMBA's Lameathon

This is a set of APIs with very different objectives. I had a lot of fun writing them!

In total there are 6 hacks in one:

  1. Dynamic Okta Badges
  2. Bring the Action! (CLI abuse)
  3. "Progressiver"
  4. Action's Engine Explorer - Web shell (Platform abuse)
  5. Tenant Token Request (CLI abuse)
  6. FGA Preview* (Not everything is what it seems, CLI abuse)

After submitting this, I have to open two security tickets so that the team, who are the specialists in this, can analyse the concerns I was left with.

1. Dynamic Okta Badges

This generates dynamic SVG badges that include Okta's common icons. The parameters can be changed, but three defaults have been created (Auth0, Okta, FGA). The text has to be URL-encoded.

Query Params:

  • label
  • labelColor
  • color
  • icon
  • scale

Examples:

Auth0

/api/badges/bta/This%20is%20the%20first%20badge?label=Auth0

Badge 1

Okta with customised colours

/api/badges/okta/An%20Okta%20Badge?labelColor=000000&color=purple

Badge 2

FGA 2X Size

/api/badges/api/badges/fga/Fantasy%20Games%20Association?scale=2

Badge 3
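
An added example, not the lameathon project's own badge code, showing what a renderer for the route above has to do with its inputs: the label text arrives URL-encoded in the path, every query parameter is attacker-controlled, and the output is XML, so text must be escaped and colours and scale validated before they are interpolated into the SVG. The icon paths, default colours, route regex and size constants are constructed placeholders.

```javascript
// Added example (not the project's code): a badge renderer that treats every
// path segment and query parameter as untrusted input before it lands in SVG.
const NAMED_COLORS = new Set(['purple', 'blue', 'green', 'red', 'orange', 'grey', 'black', 'white']);
// Constructed placeholder icon paths; the real project embeds Okta's icon set.
const ICONS = {
  auth0: 'M2 2h12v12H2z',
  okta: 'M8 2a6 6 0 1 0 0 12A6 6 0 0 0 8 2z',
  fga: 'M2 8l6-6 6 6-6 6z',
};
// Default label and brand colour per icon (constructed values).
const DEFAULTS = {
  auth0: { label: 'Auth0', color: '#eb5424' },
  okta: { label: 'Okta', color: '#007dc1' },
  fga: { label: 'FGA', color: '#6b3fa0' },
};
const hasOwn = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

// SVG is XML: user text placed in an element or attribute must be escaped,
// otherwise a label such as <script> becomes markup when the SVG is inlined.
function escapeXml(s) {
  return String(s).replace(/[&<>"']/g, (c) =>
    ({ '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&apos;' }[c]));
}

// Accept only 6-digit hex or a short allow-list of names; anything else falls back.
function normalizeColor(value, fallback) {
  if (value === null || value === undefined || value === '') return fallback;
  const v = String(value).trim().toLowerCase();
  if (/^[0-9a-f]{6}$/.test(v)) return '#' + v;
  if (NAMED_COLORS.has(v)) return v;
  return fallback;
}

// Clamp scale so a caller cannot request a gigantic or negative canvas.
function normalizeScale(value) {
  const n = Number(value);
  return Number.isFinite(n) ? Math.min(4, Math.max(0.5, n)) : 1;
}

function renderBadge({ icon, text, label, labelColor, color, scale }) {
  const charW = 7; // rough average glyph width at font-size 11
  const iconW = 18;
  const h = 20;
  const labelW = iconW + label.length * charW + 12;
  const textW = text.length * charW + 12;
  const w = labelW + textW;
  return [
    `<svg xmlns="http://www.w3.org/2000/svg" width="${w * scale}" height="${h * scale}" viewBox="0 0 ${w} ${h}" role="img" aria-label="${escapeXml(label)}: ${escapeXml(text)}">`,
    `<rect width="${labelW}" height="${h}" fill="${labelColor}"/>`,
    `<rect x="${labelW}" width="${textW}" height="${h}" fill="${color}"/>`,
    `<path transform="translate(3 2)" fill="#fff" d="${ICONS[icon]}"/>`,
    `<g fill="#fff" font-family="Verdana,sans-serif" font-size="11">`,
    `<text x="${iconW + 6}" y="14">${escapeXml(label)}</text>`,
    `<text x="${labelW + 6}" y="14">${escapeXml(text)}</text>`,
    '</g></svg>',
  ].join('');
}

// Route shape from the README: /api/badges/<icon>/<url-encoded text>?label=&labelColor=&color=&icon=&scale=
function renderBadgeFromUrl(path) {
  const url = new URL(path, 'http://localhost');
  const m = url.pathname.match(/^\/api\/badges\/([A-Za-z0-9]+)\/([^/]+)$/);
  if (!m) throw new Error('unsupported badge path');
  const q = url.searchParams;
  // Own-property check rather than truthiness, so icon=constructor cannot walk the prototype.
  const icon = (q.get('icon') || m[1]).toLowerCase();
  if (!hasOwn(ICONS, icon)) throw new Error('unknown icon: ' + icon);
  return renderBadge({
    icon,
    text: decodeURIComponent(m[2]),
    label: q.get('label') ?? DEFAULTS[icon].label,
    labelColor: normalizeColor(q.get('labelColor'), '#555'),
    color: normalizeColor(q.get('color'), DEFAULTS[icon].color),
    scale: normalizeScale(q.get('scale') ?? 1),
  });
}
```

The colour allow-list matters as much as the text escaping: a `fill` attribute is also an injection point, and a value that is neither hex nor a known name is silently replaced by the default rather than reflected. Serving the result with `Content-Type: image/svg+xml` and a `Content-Security-Policy` that forbids scripts is the usual second layer for a badge endpoint.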

2. Bring the Action

The idea behind this hack is to be able to add buttons that perform operations on an Auth0 tenant. In this case, imagine that, inside a GitHub repository, you want to add a button (using the badges!) that lets you take your source code and deploy it to your Auth0 tenant.

This demo saves actions in your tenant. Click on the badge below to save an action to your tenant that you can configure with secrets and dependencies!

👇👇👇👇👇👇👇

Bring the Action!

3. "Progressiver"

Demonstrates URL redirections and progressive profiling dynamically. The action that redirects the user determines the form to be rendered. The information is delivered AES-encrypted, with the key derived through ECDH, so Auth0 and the backend only ever exchange public keys; no shared secrets are required. Progressiver uses the same branding you configured with the low-code approach.

Try the progressiver here: https://progressiver.a0.gg/

Username: hackathon@a0.gg Password: guarana_antartica@2022

4. Action's Engine Explorer

Have you ever wondered what runs inside the container that is spawned during an action? Explore it yourself at this link:

Action's engine explorer

You can also create a stateless web shell using the query parameter cmd.

5. Request Tenant Tokens

By abusing the Auth0 CLI, it is possible to generate crafted access tokens, including refresh tokens.

6. FGA Preview

FGA is here... deploy FGA in your own tenant!*

https://fga-preview.us.auth0.com/login

*But remember that sometimes things are not what they seem.

About

Solo Hack
