zlacker
[parent]
[thread]
1 comments
1. golden+(OP)
[view]
[source]
2018-09-28 20:22:33
Am catching up. Would these tokens be the signed JWT’s, if so am wondering how they were able to figure out the signature part?
replies(1):
>>richar+U1
◧
2. richar+U1
[view]
[source]
2018-09-28 20:39:02
>>golden+(OP)
I imagine you just "replay" the issued/signed JWT to Facebook, so you can act like that user.
[go to top]