We recently reported several methods of privilege escalation in Okta: obtaining the clear-text password of any employee, including super-admins, plus other methods by which admins of org units, or outsourced companies, can impersonate super-admins and users. These issues were dubbed #PassBleed and were classified by Okta as inherent operational risks of their platform.
This talk will present the research process that led to the discovery of these non-vulnerabilities. We will share our internal research methodology, based on using knowledge graphs for trust analysis, and explain it by showing how we used it to discover these major weaknesses. Our methodology is useful to:
1. Automate vulnerability discovery
2. Enable research team collaboration
3. Visualize & Prioritize
The talk will include some technical details such as basic matrix math, a bit of Python code, and a (single) raw JSON data dump. A small code example will probably be open-sourced a few days after the talk.
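As an added illustration of the kind of matrix-based trust analysis the abstract describes (example code written for this page, not the talk's own code or tooling), the snippet below encodes a constructed trust graph of a hypothetical IdP tenant as a boolean adjacency matrix and uses repeated boolean matrix products to find which principals can transitively reach a high-privilege node and in how many hops, which is one way to prioritize findings. All node names and edges are assumptions made for the example.

```python
from typing import Dict, List, Tuple

# Constructed trust graph (not real tenant data). An edge (a, b) means
# "a controls, configures, or can act as b" in the hypothetical tenant.
SAMPLE_EDGES: List[Tuple[str, str]] = [
    ("contractor", "ou-admin"),        # outsourced staff hold an org-unit admin role
    ("ou-admin", "helpdesk-app"),      # org-unit admin manages the app's configuration
    ("helpdesk-app", "svc-account"),   # app integration holds a service account's credentials
    ("svc-account", "super-admin"),    # service account is assigned the super-admin role
    ("reader", "reports-app"),         # read-only user with no path to super-admin
]

def build_adjacency(edges: List[Tuple[str, str]]) -> Tuple[List[str], List[List[bool]]]:
    """Return sorted node names and the boolean adjacency matrix A, A[i][j] = edge i->j."""
    nodes = sorted({n for edge in edges for n in edge})
    index = {name: i for i, name in enumerate(nodes)}
    matrix = [[False] * len(nodes) for _ in nodes]
    for src, dst in edges:
        matrix[index[src]][index[dst]] = True
    return nodes, matrix

def bool_matmul(a: List[List[bool]], b: List[List[bool]]) -> List[List[bool]]:
    """Boolean matrix product: (a*b)[i][j] is true if some k has a[i][k] and b[k][j]."""
    n = len(a)
    return [[any(a[i][k] and b[k][j] for k in range(n)) for j in range(n)] for i in range(n)]

def hops_to_target(edges: List[Tuple[str, str]], target: str) -> Dict[str, int]:
    """Map each principal that can transitively reach `target` to its minimum hop count.

    A^k marks exactly the k-hop reachability, so the first power at which a row
    reaches the target column gives the length of the shortest trust chain.
    Paths are at most len(nodes)-1 hops long, which bounds the loop even with cycles.
    """
    nodes, adjacency = build_adjacency(edges)
    target_col = nodes.index(target)
    power = adjacency
    hops: Dict[str, int] = {}
    for k in range(1, len(nodes)):
        for i, name in enumerate(nodes):
            if i != target_col and power[i][target_col] and name not in hops:
                hops[name] = k
        power = bool_matmul(power, adjacency)
    return hops

if __name__ == "__main__":
    # Shorter chains are the higher-priority findings to review first.
    for name, k in sorted(hops_to_target(SAMPLE_EDGES, "super-admin").items(), key=lambda kv: kv[1]):
        print(f"{name}: {k} hop(s) to super-admin")
```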