Skip to content

freddd/bankid-session-fixation-template

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 

Repository files navigation

bankid-session-fixation-template

A quick and dirty template for automating bankid session fixation outlined in https://mastersplinter.work/research/bankid/

Usage

This template needs to be adjusted to each target by:

  1. Adding url(s)
  2. Make the headless browser click & navigate to the correct place
  3. Reading the JS response and extract the autostarttoken (or extract it from the DOM)

Use ngrok & run it locally. Make sure your phone is not on the same network as the laptop starting the session.

About

A template for automating bankid session fixation outlined in https://mastersplinter.work/research/bankid/

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages