{"id":1078,"date":"2022-02-05T16:49:00","date_gmt":"2022-02-05T16:49:00","guid":{"rendered":"https:\/\/cyberconsulting.be\/?p=1078"},"modified":"2023-02-06T19:24:36","modified_gmt":"2023-02-06T19:24:36","slug":"debugging-saml-messages","status":"publish","type":"post","link":"https:\/\/cyberconsulting.be\/index.php\/2022\/02\/05\/debugging-saml-messages\/","title":{"rendered":"Debugging SAML messages"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"1078\" class=\"elementor elementor-1078\" data-elementor-settings=\"[]\">\n\t\t\t\t\t\t\t<div class=\"elementor-section-wrap\">\n\t\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-3c898db elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"3c898db\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-4cf8333\" data-id=\"4cf8333\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-8d0ce48 elementor-widget elementor-widget-text-editor\" data-id=\"8d0ce48\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! 
elementor - v3.5.1 - 20-12-2021 *\/\n.elementor-widget-text-editor.elementor-drop-cap-view-stacked .elementor-drop-cap{background-color:#818a91;color:#fff}.elementor-widget-text-editor.elementor-drop-cap-view-framed .elementor-drop-cap{color:#818a91;border:3px solid;background-color:transparent}.elementor-widget-text-editor:not(.elementor-drop-cap-view-default) .elementor-drop-cap{margin-top:8px}.elementor-widget-text-editor:not(.elementor-drop-cap-view-default) .elementor-drop-cap-letter{width:1em;height:1em}.elementor-widget-text-editor .elementor-drop-cap{float:left;text-align:center;line-height:1;font-size:50px}.elementor-widget-text-editor .elementor-drop-cap-letter{display:inline-block}<\/style>\t\t\t\t<p><span style=\"background-color: #f9f9f9;\">SAML is a standard protocol for parties to exchange authentication and authorization information. It stands for\u00a0<\/span><em style=\"background-color: #f9f9f9;\">Security Assertion Markup Language<\/em><span style=\"background-color: #f9f9f9;\">\u00a0and defines multiple use-cases and features. The most interesting one is\u00a0<\/span><em style=\"background-color: #f9f9f9;\">Single Sign One<\/em><span style=\"background-color: #f9f9f9;\">\u00a0for web browsing. Its native integration with HTTP makes it easy and fully compatible to implement.<\/span><em><br \/><\/em><\/p><p><em>Single sign on<\/em> is known as <em>SSO<\/em>\u00a0and allows a user to authenticate to independent applications without being prompted for credentials. 
It is particularly interesting because it improves the user experience (no credentials have to be typed for each application) and, from a security standpoint, because the applications never see the user&#8217;s password at all: authentication, and any policy such as MFA, is enforced in one place, at the Identity Provider.<\/p>
elementor - v3.5.1 - 20-12-2021 *\/\n.elementor-heading-title{padding:0;margin:0;line-height:1}.elementor-widget-heading .elementor-heading-title[class*=elementor-size-]>a{color:inherit;font-size:inherit;line-height:inherit}.elementor-widget-heading .elementor-heading-title.elementor-size-small{font-size:15px}.elementor-widget-heading .elementor-heading-title.elementor-size-medium{font-size:19px}.elementor-widget-heading .elementor-heading-title.elementor-size-large{font-size:29px}.elementor-widget-heading .elementor-heading-title.elementor-size-xl{font-size:39px}.elementor-widget-heading .elementor-heading-title.elementor-size-xxl{font-size:59px}<\/style><h2 class=\"elementor-heading-title elementor-size-default\">What is SAML SSO in short<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-e920ca9 elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"e920ca9\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-d81ae02\" data-id=\"d81ae02\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-fa857bd elementor-widget elementor-widget-text-editor\" data-id=\"fa857bd\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>The <i>SSO <\/i>SAML protocol defines two different entities:<\/p><ul><li>The Service Provider (SP): this is the web service the user is willing to 
use.\u00a0<\/li><li>The Identity Provider (IDP) : this is the web service providing user&#8217;s identity for authentication.<\/li><\/ul><p>When the user browses the <i>Service Provider<\/i>, it will be redirected<span style=\"background-color: #f9f9f9; color: var( --e-global-color-text ); font-weight: var( --e-global-typography-text-font-weight );\">\u00a0<\/span><span style=\"color: var( --e-global-color-text ); font-weight: var( --e-global-typography-text-font-weight );\">to the <i>Identity Provider<\/i>. Once authenticated against the Identity Provider, the user will be redirected to the <i>Service Provider<\/i> with\u00a0authentication information. This authentication information contains user attributes for the <i>Service Provider<\/i> to authenticate the user and optionally roles for authorization.<\/span><\/p><p>As\u00a0<i>Service Provider<\/i>, we can find Facebook, Azure and many others. For instance, because the user is already authenticated with Facebook he won&#8217;t have to type his credentials for authentication. Facebook will transparently forward user attributes to the <i>Service Provider<\/i>. How many times do you log into Facebook? Never! this is why SAML is particularly interesting for user experience.<\/p><p>The exchanged messages between the <i>Service Provider<\/i> and the <i>Identity Provider<\/i> is performed with redirection through end-user requests. 
With the HTTP-Redirect and HTTP-POST bindings described here, the providers never talk to each other directly: every message goes through the user&#8217;s browser. This is what makes the messages observable &#8212; and modifiable &#8212; by whoever controls that browser, which is both why they must be signed and validated by the receiver, and why they can be captured for debugging as shown below. (The less common Artifact binding is the exception: there the SP fetches the actual message from the IDP over a direct back-channel call.)<\/p>
elementor - v3.5.1 - 20-12-2021 *\/\n.elementor-widget-image{text-align:center}.elementor-widget-image a{display:inline-block}.elementor-widget-image a img[src$=\".svg\"]{width:48px}.elementor-widget-image img{vertical-align:middle;display:inline-block}<\/style>\t\t\t\t\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"731\" height=\"346\" src=\"https:\/\/cyberconsulting.be\/wp-content\/uploads\/2022\/02\/saml.png\" class=\"attachment-large size-large\" alt=\"\" srcset=\"https:\/\/cyberconsulting.be\/wp-content\/uploads\/2022\/02\/saml.png 731w, https:\/\/cyberconsulting.be\/wp-content\/uploads\/2022\/02\/saml-300x142.png 300w\" sizes=\"auto, (max-width: 731px) 100vw, 731px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-4a3e6b1 elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"4a3e6b1\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7e97cfe\" data-id=\"7e97cfe\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-f174009 elementor-widget elementor-widget-text-editor\" data-id=\"f174009\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>For obvious security reasons, the <em>SAML request<\/em> and especially the <em>SAML response<\/em> are signed. 
This signature prevents the user from impersonating another user by modifying the user attributes in the <em>SAML response<\/em> &#8212; but only if the <em>Service Provider<\/em> actually verifies it against the certificate it has configured for the <em>Identity Provider<\/em> (never against a certificate shipped inside the message), and also checks the rest of the assertion: <em>Audience<\/em>, <em>Destination<\/em>\/<em>Recipient<\/em>, <em>NotBefore<\/em>\/<em>NotOnOrAfter<\/em> and <em>InResponseTo<\/em>. When debugging, remember that the signature covers the canonicalised XML, so re-formatting or pretty-printing a decoded message will generally invalidate it. Moreover, for confidentiality reasons, the assertion containing the user&#8217;s attributes may additionally be encrypted for the <em>Service Provider<\/em> (an <em>EncryptedAssertion<\/em>), and this is when the fun begins: reading it requires the SP&#8217;s private key, not just the public certificates.<\/p>
class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-9938411\" data-id=\"9938411\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-21c74e8 elementor-widget elementor-widget-text-editor\" data-id=\"21c74e8\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>The request to the IDP is usually a HTTP GET request. The actual <em>SAML Request<\/em> payload containing the data for the IDP is usually a GET parameter called <i>SAMLRequest<\/i>.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-02ec661 elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"02ec661\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7dbb594\" data-id=\"7dbb594\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-6f8fcae elementor-widget elementor-widget-text-editor\" data-id=\"6f8fcae\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div 
class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>SAMLRequest=eJx9U8uO2jAU3c9XWN5DnAyPxoJUFPpAohAR2kU3lWvfFEvxo7YzQ\/%2B%2BTgpVKs2wsmSfc%2B45914vPFONpas2nPURfrXgA7qoRnvaPyxx6zQ1zEtPNVPgaeC0Wn3e0WxMqHUmGG4aPKDcZzDvwQVpNEbbzRIf9u93h4\/b\/fc3JJ%2BTeU3II2FTQcgsIzwXuajzeT3L5qyGXHCeTTD6Cs5H\/hJHOYxKZ56kALePlZa4KlGIAaK29y1stQ9Mh4gk6WRE5qN0dsoe6TSjk%2Bk3jDYRKTULvdg5BEuTRAo7hgtTtoExNyqpqkMF7klyGNuz7cv1gd9JLaT%2BeT\/rj78gTz%2BdTuWoPFQnjFa3\/GujfavAXeW\/HHf\/TPj\/PQhQJk2iFlw6E28Z97h4QGjRdZv2SV1xj6ogMMEC69iLZMi6qVja9W%2B7KU0j%2BW\/0wTjFwuvh0nHa30gxqnsoBcVksxLCgfcxZNOY57UDFuJMgmsBJ4NS1y0D0e9c7EOAS0Broyxz0nfDiBF46DPeUg6h6yYu0RHq4u6ecco7XLwu4\/FsnOhmBzzWPTmmvTUuXJvxonjnN7ljuHi4PQ%2B\/TvEHIUUmDw%3D%3D<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-0f75cc0 elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"0f75cc0\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-d0d7d5b\" data-id=\"d0d7d5b\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-86ce244 elementor-widget elementor-widget-text-editor\" data-id=\"86ce244\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>The <i>SAML Response<\/i> is much longer because it contains authentication information with user attributes. 
Depending on the implementation, this redirection uses an HTTP POST (the <em>HTTP-POST binding<\/em>): the IDP returns an HTML page containing a hidden form with the <i>SAMLResponse<\/i> field, which JavaScript submits automatically to the SP&#8217;s Assertion Consumer Service URL. Because the form is submitted immediately, it&#8217;s fully transparent from the end-user point of view &#8212; and, for debugging, it means the response is only visible in the browser&#8217;s network log or in an intercepting proxy, never in the address bar.<\/p>
class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>SAMLResponse=eJytWEfP42hyvu%2BvaLSPxDRz%2BjDTBnOOYr4sGEWKFLOYfr3VPdP2JC\/WgAGdihUeVa735yV9duOHWy7j0C\/lp%2BPZ9cvHd%2BIvn19z\/zGkS7N89OmzXD7W\/OPGGPoH8gX6GOdhHfKh%2B\/w7kX8tkS5LOa\/N0H\/%2BpPC\/fP4nVVJFjlcEndJUnmM5XFUohpAlnpcoRkBEVRAkUtFwSXz%2BFJTz8pb85fNb0Vt8WV6l0i9r2q9vEgRjP0HkTzDpQfDH%2B4dRyedPfLmsTZ%2Bu36XqdR0\/QHAZv5RH%2Bhy78ks%2BPMGifA4w2PRFeXwZ6\/E\/03&#215;56%2B5\/%2BMIbfvlsmYJuSYr5T6wqSzSDMAKl8RwrSRyGYLikyYqiISjDERItcIKg8M9f\/\/Hp08\/fnPHxHeX89TfbTfFH489yTYt0Tb9Z\/hn8vcAPBePHbU3X1\/KN8CcSNxTlpyDtXuW\/dvnynfvj9srzclk%2Bg991g39W\/itcoc\/nc1zLgvkRp98MH2Wf\/89X\/o35t5B\/%2B\/Dfvt33\/cuOfhnmO4hAEAxCGPjmenP8x48MKZbm\/r%2BwQyBEf2P\/xvLm986x\/DcUC135LPv189c\/QHwDN8q1HopPTHcf5matn\/%2BGrrRcYIT6Kc\/yt5d%2B\/objQytPpa%2BG\/yv6r39y2FvN\/wfAeUl\/shjB\/gbvuzauGety\/haOPxC%2BZ8XX7oTv6tlDR2JLIXrJCBRoQpqhKtBGguqg0XB73s0KlUk\/w%2BV%2BLSsbo4%2BuJetushZ3ZQN2sQtysWHFX2noMfEiH16Q9oQJL6Cs4iD8aEzjZaLltAZ8Gz0b4YYkAOqzS59ylGkreFDgNtBT7Brxyg7pWA\/f27gjfHQhZGeTpqeSSVgX\/\/Iz%2BBf4fyD9%2BhfBv\/Eq%2BPs4fc\/Wv7jmewr\/kf6ridTnlSY5sire7E24WxVIK8xIcaOkw8sTiyImVmN4n7M1fyEp7iaygEKWp2a8iUnS8m5QL7ozXxyi55Q7uNKeQwg\/lWznXbOLXZyKQosjlhDW3d1sGZF7kzUlu2wPJ1vc\/ZWN3OiZlh142F75Ks7e0MiK3cfoLoLqK4C4opeL5hUbJfSNUVNA9o%2BHpF8EeOpH22gpcyMe1B6xr4oUbtklV\/Zjmng97p6OMQq34tVuCqEqXkQrM0lLfk1g50vbNlJpsGei7ec%2B2FrKny2qsUa38NadRm73YUS4IHn5dvu6gaZHwwbCt4fCmgQ7BdhUjSzfh3PdlNsmH3foYHcASMiFIJw1ADHU2TUl0M5Zb8g3CL557gh5VVfX4p0uPe5iUGkwLeMGcGJd5BFdjrwYoVIexTFtdKaMiaf7ORgzwFLast433AzVXFTYxJyn3RNklMGRBLptA\/tYyGrUJLUu1hcmMEeRJWhhSlsAXqmwZTCNoN4t7aPJ28ok4AKdyobMZR5EchqkadsuPbkloe\/tg6jJ57ge4OMRydY%2BSdB0IMMyJukYnlpk3FAoB3Nbpe7Z8wz9nmgCCHmUw1WBNTFA7j3wmqmQzRbiWdqEAIeYe5x\/%2BwDCwzMhY%2BxWHZ5r7EU5ixdUkXf7sHSVc\/v4Xf33u3uNa6qtGlosQYeV4atEk4R3dmV\/LD6Fa4ZSDxR7wjfj4dDmmN3l5rY5xjzN%2BmTchifvWv1MHQg5sAuWUex8sn3R3q2tQNuJhPWH2AEWTdqQrzm7irhkEPOJDclIQGhgYHDvmK1dOcF3ffNdsxZXuVhNp2MKGulRZAOvgpMi1GDZQVXQ3BJfdIg0V2eBnuCohV3kCfS6RW0VM4HVwMqwK7N%2B7ZuDN7kFUBrFwzR23SGRnTSAr1nJpKnDjzru
ehJ8j8wgZV3uCGAKmphzFnuPbusgh0MJUB0vU1QfEOfNr562C6gxOwrWNt2fcmQyR\/SFq4qVWlPkEnobOg1cJPeYuqdJSQPZnulmoJXsir4bEBTxW5W%2BWpORowJDX6MhPFs3o1IIRQ1uGxeQgwbdKZ2UIzqI395z%2BOKs\/GXrUIropRdyMU6g48KlUEC0wYi98zjz18ljOPRZnJfHYkPkXXWrM4SkdOlpzIUQhj2l4BsER6NxLMlTVuokyVaK3nbs7gFTbWzkYrGzpmoW1lMgnGax3CpKuT2mRLjoanm2h2PoBMYCQ8ybc70BxlE53NxqeF0cQD4hbdBr\/gBRnJ9WFEFf7KyggynR%2BrzuFoYBV6fv%2BcIZZ8gn7eyShec5u%2BmjL4x5ry97YcAwmwyVNCA4TCWcA7estEi9JxL8hHjzkc46TrkWf1cr4CGtT7EgfWf2FFAQeGMq26vck5h3sSVGBfUeqg8u1NkJwuh21CEjqSU54edcwvsc09oE7\/ZRh3PE3M2HxD7mkRhqfsqzmY0Kv9TM3sLC3nBZ5oI7u9e2ll42uxM7952fL3jNETGkQDMgKCAg6%2BV4upneoBS06MA7MSpVqHCZmPi5fcCd1mpVSXtKAj%2BI6UoVjd89TBDgaeSM3VhPRyeaMHnSAh\/4uuXct9Gpx8uXc6ucfLDs1eiiMoK9FdIJOtqdiNjlNvoQFF2uGB\/d0JrYDshL7ZiyuPLFY6ypKssXBqEelYAfKnTutvJ48TNfO82V8s2muO8ZGa7VE74xpywxlBICbLCh6RTfmR2ITPseLLqukC%2BbJNjhjpy91z%2Bgyh0kh0G8cIifoLlI92Craufg4ZVJx8YaGHdYJ24orTm9beFOnmsH8LP6EqV7WvscsuZW4nn8ZZC03%2B15RjXDIUUTWWaPDjo6b6Wi7lETIqglfELcbUgbgFvBZ8tM8GZabkpjSq5f8EALvnMbKD0oMiYjGjUHaZ5YcIGs1im7UxyyqcZOySSccWUrTWa3g83kPQZxJdTdQ9ZrTPPumP7cdxR9j1YfOiUorTuhCR9k3xpqNMN6g\/VWGw3d0cx910yV3xZSkpY8NC0buiGS5bbpO5NWfNtM40pMcevFUR9zqGovdIG3Otuxm0rjfle6ySFeiQvuDNGJN7rnL2qqACN%2ByOrCB4N1H0VHRF2hP8jARQUKFg25baVCzOXEYwOVt\/Ut9%2BVCdckmZaiX%2BnJk5L2ICYl6WwCGnOq50Mwi7AiaxKWOr2xJ2DCK0dF3S2L5pBdv6lizDHxGaKHn8bG\/gHbmiHrE3zVURjlNO\/AELtdIDYCQIU7spcLhdolNZQZnETcwoSscReTLrxh\/urdIvlhK2sy%2Byzms0zq3Y6jgOZQPxslB1JPLCivaTbf9SN5BMFFSwKPdY24SB6Sucnyyk\/R60cNeCxemMFMi5%2Bbak4nS9g8bpmMMgmoUmwHjRVzNUkrUaMp0jcOBsJN09HzVt53D1YDpq\/LFczuMiWfFuaYnTjboW6K6XOYzaNOBL9TiPBsqTqSYXGhmLTh\/oHGWpAi4WN%2B3nZLG5hWYzXmFz22PHoDiGh5jBiVebQcz1FVePVJVpB\/ILXzym3NFUaytblqe7zKsbg2XHYFf9QtAEswQUWxe76eJGD2aeEepYE0PJTVP6\/4sIgN6OaVlFu9eUZQDaycr7UZV0hs2SLYh5GI9A4U1RcYOEKos1gDqSHue5bnHwIJVlcEvvfYjhVYd%2BhFi6i0rT9\/Rn8Y%2BlDyGZykt3EjYWXxtdPkNIH0XutkxVSNI4Ggj2Lna0nFEE02noYfiIHBZvl8ZrWo7Hy9hwFnnbaa5W30rvHLDOblDdkNOt5tljiXCvq5gfK1taktSor2S8xzV8eZMi\/EADbV03YeqdGxSvMeyNSwiGOds%2BrLVjDqTdUTAKq\/7%2BykmbHKJju0MVBo69\/4kII%2BV5V
57V9U%2BzvUDok1V314HExPVhr0b\/HbGIT8uRlps0DxCJA6ciEslUqqJcjldQStE%2B4q2x33u2nhLuC63mvSA2%2BV2IUTMT0ERx6QCqxOgAbfKpVUAyNX0OnrNdpqnAju9n3VYNK5jx0iLR4prM0n4%2BET47AUT1LHPqoQeucAUuMOZqas1tQ6IJR%2BT3i5llIUHV9JMo9F0pxN6pSf0qsmtM2hPicYCeawT4WXb7xPLVttpuwUb7hWcKHW2sAbBnusMtjvoLO%2B1wqNga5nEu7wxTU%2Bo0yaiYLYNuwj0niwWJFOu\/D7C2M4\/TwyEk%2BBEixv63iCyYKKpMhBCiQXinsRWm83a98wW7yIo86lKYeEJFl56JaGsyvp5y%2BvbGg6PFNlTcgCcoQLfI\/VdWZ7khvBjrg5BjkiR5jA5pqQuHphMV%2BQGDoGAXySbE6jQwtVhQykJeHHSk7x2B7tQMTRgEiY7BM9Vc%2BIyEhOdu97nyqPvlIHahFm0Fvy4kdJRlTEynx2CqDWLD9ZSP09zgtpk6fhLzT1f916mrfbN%2B3bLj3eljhLjA4%2B1VCUsy8h8iGstu2I3CnRaOZVxBd1Uelhq80SmIySLxI%2Be%2B61CNC4Xv%2B2uQeswjp5UzOpA9lMIhQfBdk21acE9riH62bNGCYZlKaPDqzxuZb41nuENPu8ea9aasJMYxNZD6Dgzyckz4nZQqflOuayzMqutqZsjbed5QkYJh97TNvd2n1%2BhN6uLb2dyFVm8N9ACGLk8tQt%2BGSb5GLM4l03mcDlj2A%2BBVEl7wo7WxJbxY3v3gXMVdoOF5s647B4LJEGFNN6cSGu%2Bxc9K95MszM75qlA7ifFLAF8PfK4Uia\/Yl0aKQCmCpBeIURCWVxfsIrO4SVhKIG0NrKn6IQLwFfDuYGdHpzhFEe%2BFne5EkrZAAK\/L64wdcNdyNafM7VXQWJ3I1MGHIe7pr1ekmsqQkBxGPltSPZrSSGdhkvzsb67m7wfwXy7nf\/z5dP5xF\/\/26vR37z4\/3oh%2BPIV9\/S9Hvrur<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-7d69bd8 elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"7d69bd8\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-3bf4907\" data-id=\"3bf4907\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-6380c74 elementor-widget 
elementor-widget-text-editor\" data-id=\"6380c74\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>These samples have been taken from a very interesting website around saml: <a href=\"https:\/\/www.samltool.com\/\">https:\/\/www.samltool.com\/<\/a><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-27ba921 elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"27ba921\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-5dad755\" data-id=\"5dad755\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-3be5837 elementor-widget elementor-widget-heading\" data-id=\"3be5837\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Integration problem with SAML<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-2f7ece2 elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"2f7ece2\" data-element_type=\"section\">\n\t\t\t\t\t\t<div 
class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-a7358f6\" data-id=\"a7358f6\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-4aa540e elementor-widget elementor-widget-text-editor\" data-id=\"4aa540e\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Like any other IT implementation, sometimes it turns out the integration doesn&#8217;t work as expected. Sometimes the <i>Service Provider<\/i> is unable to authenticate the user with the parameters received from the <i>Identity Provider<\/i>.<\/p><p>In some corporate environments where a lot of commercial solutions are used, it can sometimes be tricky to troubleshoot and debug SAML authentication issues. Usually you don&#8217;t\u00a0<span style=\"background-color: #f9f9f9; color: var( --e-global-color-text ); font-weight: var( --e-global-typography-text-font-weight );\">easily\u00a0<\/span><span style=\"color: var( --e-global-color-text ); font-weight: var( --e-global-typography-text-font-weight );\">have access to debugging information from either the <\/span><i style=\"color: var( --e-global-color-text ); font-weight: var( --e-global-typography-text-font-weight );\">Service Provider<\/i><span style=\"color: var( --e-global-color-text ); font-weight: var( --e-global-typography-text-font-weight );\"> or the <\/span><i style=\"color: var( --e-global-color-text ); font-weight: var( --e-global-typography-text-font-weight );\">Identity Provider<\/i><span style=\"color: var( --e-global-color-text ); font-weight: var( --e-global-typography-text-font-weight );\">.<\/span><\/p><p>In my case, the <i>Identity Provider<\/i> was Azure where I didn&#8217;t have any kind of privileges to get 
debugging details. The <i>Service Provider<\/i> was an old legacy commercial application where even the trace log level didn&#8217;t provide much information to understand why the authentication failed.<\/p><p>Running out of idea, the next actions were simple: read the content of these <i>SAML Request<\/i> and <i>SAML Response<\/i>.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-e442912 elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"e442912\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-c350788\" data-id=\"c350788\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-884ab30 elementor-widget elementor-widget-heading\" data-id=\"884ab30\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Debugging SAML messages<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-efd1fa4 elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"efd1fa4\" data-element_type=\"section\">\n\t\t\t\t\t\t<div 
class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-54a7840\" data-id=\"54a7840\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-12acddf elementor-widget elementor-widget-heading\" data-id=\"12acddf\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Debugging SAML request<\/h3>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-7b8c33a elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"7b8c33a\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-3c86225\" data-id=\"3c86225\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-3c0dce4 elementor-widget elementor-widget-text-editor\" data-id=\"3c0dce4\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>The <em>SAML Request<\/em> presented before is definitely not readable as it is:<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section 
elementor-element elementor-element-a948df8 elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"a948df8\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-59ca4ff\" data-id=\"59ca4ff\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-66c0956 elementor-widget elementor-widget-text-editor\" data-id=\"66c0956\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p><span style=\"color: #000000; letter-spacing: -1px; background-color: #f9f9f9;\">eJx9U8uO2jAU3c9XWN5DnAyPxoJUFPpAohAR2kU3lWvfFEvxo7YzQ\/%2B%2BTgpVKs2wsmSfc%2B45914vPFONpas2nPURfrXgA7qoRnvaPyxx6zQ1zEtPNVPgaeC0Wn3e0WxMqHUmGG4aPKDcZzDvwQVpNEbbzRIf9u93h4\/b\/fc3JJ%2BTeU3II2FTQcgsIzwXuajzeT3L5qyGXHCeTTD6Cs5H\/hJHOYxKZ56kALePlZa4KlGIAaK29y1stQ9Mh4gk6WRE5qN0dsoe6TSjk%2Bk3jDYRKTULvdg5BEuTRAo7hgtTtoExNyqpqkMF7klyGNuz7cv1gd9JLaT%2BeT\/rj78gTz%2BdTuWoPFQnjFa3\/GujfavAXeW\/HHf\/TPj\/PQhQJk2iFlw6E28Z97h4QGjRdZv2SV1xj6ogMMEC69iLZMi6qVja9W%2B7KU0j%2BW\/0wTjFwuvh0nHa30gxqnsoBcVksxLCgfcxZNOY57UDFuJMgmsBJ4NS1y0D0e9c7EOAS0Broyxz0nfDiBF46DPeUg6h6yYu0RHq4u6ecco7XLwu4\/FsnOhmBzzWPTmmvTUuXJvxonjnN7ljuHi4PQ%2B\/TvEHIUUmDw%3D%3D<\/span><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-a7aa2f5 elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no 
qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"a7aa2f5\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-54448ad\" data-id=\"54448ad\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-628a02c elementor-widget elementor-widget-text-editor\" data-id=\"628a02c\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>It turns out that the <i>SAML Request<\/i> and <i>Response<\/i> are DEFLATE-compressed and base64 encoded. Because they travel as HTTP request parameters, they are also URL encoded. One caveat: the compression step belongs to the HTTP-Redirect binding, where the message rides in the query string. With the HTTP-POST binding, which the request below asks for through its <i>ProtocolBinding<\/i> attribute, the message is posted as a form field that is base64 encoded but not deflated, so the inflate step has to be skipped for such messages.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-a65dbe5 elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"a65dbe5\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-b6fc4ee\" data-id=\"b6fc4ee\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-d7e2856 elementor-widget elementor-widget-image\" data-id=\"d7e2856\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div 
class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"250\" height=\"154\" src=\"https:\/\/cyberconsulting.be\/wp-content\/uploads\/2022\/02\/samlrequest.png\" class=\"attachment-large size-large\" alt=\"\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-998f45b elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"998f45b\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-b9e909d\" data-id=\"b9e909d\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-e42715a elementor-widget elementor-widget-text-editor\" data-id=\"e42715a\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>To be able to de-obfuscate the <i>SAML Request<\/i>, we need to apply in order:<\/p><ol><li>URL unquote<\/li><li>Base64 decode<\/li><li>Inflate<\/li><\/ol><p>A caveat on the inflate step: the HTTP-Redirect binding uses raw DEFLATE (RFC 1951) with no zlib header, so a plain <code>zlib.decompress(data)<\/code> can fail with an <em>incorrect header check<\/em> error. In that case inflate it as a raw stream with <code>zlib.decompress(data, -15)<\/code>. The sample above happens to start with <code>eJx<\/code>, which decodes to the zlib header bytes <code>78 9c<\/code>, so the plain call works on it.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-fe02967 elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"fe02967\" 
data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-1a2384b\" data-id=\"1a2384b\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-ad21996 elementor-widget elementor-widget-html\" data-id=\"ad21996\" data-element_type=\"widget\" data-widget_type=\"html.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<link rel=\"stylesheet\" href=\"https:\/\/jmblog.github.io\/color-themes-for-google-code-prettify\/themes\/tranquil-heart.min.css\">\r\n<script src=\"https:\/\/cdn.jsdelivr.net\/gh\/google\/code-prettify@master\/loader\/run_prettify.js\"><\/script>\r\n<pre class=\"prettyprint linenums\">\r\nimport zlib\r\nimport base64\r\nfrom urllib.parse import unquote\r\n\r\nrequest = \"eJx9U8uO2jAU3c9XWN5DnAyPxoJ...\"\r\nunquoted_request = unquote(request)\r\ndecoded_request = base64.b64decode(unquoted_request)\r\ndecompressed_request = zlib.decompress(decoded_request)\r\nprint(decompressed_request.decode('UTF-8'))\r\n<\/pre>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-6f202a5 elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"6f202a5\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-06e1b54\" data-id=\"06e1b54\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap 
elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-559663b elementor-widget elementor-widget-text-editor\" data-id=\"559663b\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>The result is:<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-f52739c elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"f52739c\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-e508c28\" data-id=\"e508c28\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-321ab2b elementor-widget elementor-widget-html\" data-id=\"321ab2b\" data-element_type=\"widget\" data-widget_type=\"html.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<script src=\"https:\/\/cdn.jsdelivr.net\/gh\/google\/code-prettify@master\/loader\/run_prettify.js\"><\/script>\r\n<div>\r\n<pre class=\"prettyprint linenums\" style=\"overflow-wrap: normal !important; white-space:nowrap !important; overflow: auto\">\r\n&lt;samlp:AuthnRequest xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\" ID=\"ONELOGIN_809707f0030a5d00620c9d9df97f627afe9dcc24\" Version=\"2.0\" ProviderName=\"SP test\" IssueInstant=\"2014-07-16T23:52:45Z\" Destination=\"http:\/\/idp.example.com\/SSOService.php\" 
ProtocolBinding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" AssertionConsumerServiceURL=\"http:\/\/sp.example.com\/demo1\/index.php?acs\"&gt;\r\n&nbsp;&nbsp;&lt;saml:Issuer&gt;http:\/\/sp.example.com\/demo1\/metadata.php&lt;\/saml:Issuer&gt;\r\n&nbsp;&nbsp;&lt;samlp:NameIDPolicy Format=\"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress\" AllowCreate=\"true\"\/&gt;\r\n&nbsp;&nbsp;&lt;samlp:RequestedAuthnContext Comparison=\"exact\"&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&lt;saml:AuthnContextClassRef&gt;urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport&lt;\/saml:AuthnContextClassRef&gt;\r\n&nbsp;&nbsp;&lt;\/samlp:RequestedAuthnContext&gt;\r\n&lt;\/samlp:AuthnRequest&gt;\r\n<\/pre>\r\n<\/div>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-d767389 elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"d767389\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-1acce1c\" data-id=\"1acce1c\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-2b12271 elementor-widget elementor-widget-heading\" data-id=\"2b12271\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Debugging SAML response<\/h3>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section 
class=\"elementor-section elementor-top-section elementor-element elementor-element-68f8aa1 elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"68f8aa1\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-a70415c\" data-id=\"a70415c\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-30bdf83 elementor-widget elementor-widget-text-editor\" data-id=\"30bdf83\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>The most interesting part is the <em>SAML response<\/em>. 
If we de-obfuscate the response like we did above, we have the following:<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-d042c84 elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"d042c84\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-34ac041\" data-id=\"34ac041\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-ea831e3 elementor-widget elementor-widget-html\" data-id=\"ea831e3\" data-element_type=\"widget\" data-widget_type=\"html.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<script src=\"https:\/\/cdn.jsdelivr.net\/gh\/google\/code-prettify@master\/loader\/run_prettify.js\"><\/script>\r\n<div>\r\n<pre class=\"prettyprint linenums\" style=\"overflow-wrap: normal !important; white-space:nowrap !important; overflow: 
auto\">\r\n&lt;samlp:Response&nbsp;xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\"&nbsp;xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\"&nbsp;ID=\"_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6\"&nbsp;Version=\"2.0\"&nbsp;IssueInstant=\"2014-07-17T01:01:48Z\"&nbsp;Destination=\"http:\/\/sp.example.com\/demo1\/index.php?acs\"&nbsp;InResponseTo=\"ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685\"&gt;\r\n&nbsp;&nbsp;&lt;saml:Issuer&gt;http:\/\/idp.example.com\/metadata.php&lt;\/saml:Issuer&gt;\r\n&nbsp;&nbsp;&lt;samlp:Status&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&lt;samlp:StatusCode&nbsp;Value=\"urn:oasis:names:tc:SAML:2.0:status:Success\"\/&gt;\r\n&nbsp;&nbsp;&lt;\/samlp:Status&gt;\r\n&nbsp;&nbsp;&lt;saml:EncryptedAssertion&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&lt;xenc:EncryptedData&nbsp;xmlns:xenc=\"http:\/\/www.w3.org\/2001\/04\/xmlenc#\"&nbsp;xmlns:dsig=\"http:\/\/www.w3.org\/2000\/09\/xmldsig#\"&nbsp;Type=\"http:\/\/www.w3.org\/2001\/04\/xmlenc#Element\"&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;xenc:EncryptionMethod&nbsp;Algorithm=\"http:\/\/www.w3.org\/2001\/04\/xmlenc#aes128-cbc\"\/&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;dsig:KeyInfo&nbsp;xmlns:dsig=\"http:\/\/www.w3.org\/2000\/09\/xmldsig#\"&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;xenc:EncryptedKey&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;xenc:EncryptionMethod&nbsp;Algorithm=\"http:\/\/www.w3.org\/2001\/04\/xmlenc#rsa-OAEP\"\/&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;xenc:CipherData&gt;&lt;xenc:CipherValue&gt;ly1gJyn0xZPGW3zH20VKEab3J+kXEJQ3XoSmgNf3H7Ub5HntefP49xlk7hlqOsRtBVBsPd7sP1IUt90jqDFDWz0Km16TV8Odx6UXpaYsq9Hah+UP3yiES2Z+3UBsnaC8NPI5Vd5P+n8BtXDIw0L4n1gkYl6U3s6HQvGqmIbG4lY=&lt;\/xenc:CipherValue&gt;&lt;\/xenc:CipherData&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;\/xenc:EncryptedKey&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;\/dsig:KeyInfo&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;xenc:CipherData&
gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;xenc:CipherValue&gt;aUDIiZxbfYvPvEgOf\/9IAp8CpGL1sm4XXAYJY1wrbtcu2a5RZHE30OTJbDN4GGs460u9lNuC2Lc8RoRGwc02DqeBlTzrR4zCJ30sQFe04lgRbsp2gibieBsvjQbsRwubpCpTNOPVT4wfUJ5BS3XOYRjpRsEJUI+Ft3zR3cfBXZ9SAJa+HUxjGLz6\/yLxkiKaAS6j8wXBuf7ESbzHfPjqqDLYlmQMpESdukvI6JITX9Ir79GUh64yuKvv7Ii4mZKwywoPKaDyk3KBMlsDOg92Sgop2CVZuUPkuS\/NT91M2DkxIBN6BqV4qfpBDnWrhievvHxg0xBw++Z7s66QtV\/43QwKIVKyrLi7MpEDimw27zfzlk5lLGjgFVfK19H5M+y4lXT6lc2uAEfIjdxqv9bIpZTLUc\/YA+sePHLniCr0hCXdP6rcalm\/AIoQGE9kkVPxs7fpKGJhdtu4EAxdbZ3dNGvV\/zaEvb1923TSanXqTveZVCVL8bobRAj6ZyM7NPPR9qRe6Lwkj6h7mptx\/jjXHOwqG0qx2ospZapWyKXMS30c\/cPJ8gbmyWUn6iV02jeozf\/h6o0RgVTiqdHNk0DB9N0+Q6rn5DKyr05WyZ7Y4SfxTRMwderFz0f7gPxOLJCRnYAlgggRzptaKtK3dsVl4eWue3ZZDQwIwjsU85KMIho8By1SMjQ9NpbgHiSvQMrqrLqMSomDROnr8x27oBs4b8BryBndkgOvd3kq71LjFl+O97P0UKQwJ2R7VYDZP0H2V6K\/VMC43Qtleq1gLvURNhFtHdtNQlAd92n32v\/zdCGX3MBBoJI3cOFu9W2izlO\/TEQJdPdcZ0uSXkfYAVOi1IowIrLzwvQ5icO+8K8D194zg0FBqK+DhBGN98xUXlCzm6Dn2r\/8OzRp+4I3ZNrbYTjlvl0QC36\/JpzNFJj0CTrun9Pd0iNl81KvLUqc2qNp3u5JIOaOqXR6LkWQi1dZgY8gaZe9+bwbLNVKeBt3n8B0XDvfaukNAHXd43upMEmkRb8a033MCvps\/C0oLQeQaC6l0DvIsszCOcuPL0a2LeTWCY563psCa0V6kVp4FVfbUtqTAC3mdyzTB4oXTzhkLA6GIlayMrdEWWn8I5v01XpMxsZmHIhZZbt89vw4gT+qhMv7sOBrKJKO4n8\/1abYHkIIevjqZEz9fsmkxQML64B+oYDNrhv+MxfQCrkK5hdx+cq2kVnKUo08CUaf869zBrI3oNG9LrtwO44+zlLwcsCMyWDZkrR7dTTQwNU3u4A101wdM11BZofGo2518ZCQ1kBGsGnTF6Dq2TrxarL58RODgJf+jGtmFd7UQrTI\/EEDMqekzewZYDR4sY3EJgWJjCWLBq049kpL0MZhGHZDrcG5nc4KkZ5lwpL1c2NwNjGBjrp6ohDqcbrBXdUeKNnO4WnMRBAz1lPnKvk9svPlFlRlequ1tc2FW8\/NV68+V7hsxmRbLi380sL+l81fJEf5H6qDrkj1lKkKfe9TIZ1j6qzaIKDwT4EE1qpCMwMtyQL6iWZm9EDVULOQgvpQhpzUHcOeqU\/enJXz8b6BSdGy\/QKg6XBsSpU00XzRFYxlokN4w+HshQNHFtDdjph8fbcsA28jfE5xJ0ywPIjuDrDhQizaDivIRP3yWtfm1SAyHGA8IW+BVv3aqYgAw+XNPgVsLLI7uP76Bog2ynTnj0fRoGQA2TWoYm\/NsGgVvfhQxD1tAapiOoARotqCoeOraSvWw7ytl+DrJuFGgahUC2tcOZTTDzM79Ulwcb8ioxGXq7ebjl0xlTt8Xljh6F\/KZDZ6gP0Ko+SdDbsr6DNaevIiNGRUdD+k\/A6G+eT0XMqMXpKQ2im4Vz\/BKlIwQdxHNJYQeAZCMzbt97bSxBbHwY\/
5IWLRxHLh4KTg4Lmww33XAYU0yG0ahlEiWj7nkMJXr1Li4nOkXolxirnliqfUkdGZaeD0qsv3v2GORkac4Kt5vvNMzZNFvnFpLpc0fkz3s1vhbw4SJ95UleRZxFzZR\/wA6lFS9nDz8qf+MYjHJsDVoOgpFQF3REnx7VR3E81FMHkkGdFcHZTBVJDPLvcUHdJR7iaA8uJuQH2mleEZJSs+A7qhrdKNdWl6975GlDfPGEv48AL3OaOBDZnFSJphBA1yX3dLcYxwu+krC6hp5d7UeXc99Q1q\/szp8o+Eb2QYTaExRlZP8bMCO6S\/Z9f532HzUfAUqgk2csOIairURCQBQkQSxof1rWHxAQc\/3THef4dkvLPUXHw\/\/ZIa+T9RxriZQ\/8zepmBqGuu9owhEz4IAqZHcNtn7ZIknjP19Y400h34r+Mu6ziseG8pNH9h51VEw79XmuhSwC5JVAnfeuDCw14FyfCRNTFqP\/UOFJszNmVkaoDdJdyyi8YZGY7s9AtdCUo95B7861dt7e5IaYNzVNiyzWmvwXj+IRMTANVe5fvxAohfcfjaJF9j2SWmDvQzXXYKtRaeyKg6fSiCbxVUfns+76AoX8BchwyN2Mn3ZTxeI4in0ZhD9LUrF2o3zQeONdhsxdeoBPZt9RXfZnMP\/7kW0R4nA0Wh87YQ+WJB4i+Jp9TTOTRxoB\/ffb1uLhUXI9JQ9jW4JSbeyUQLmMwoeD45ba9ES71QsUKpRDv+7UR0SPY8h22VQKp\/lRKslC6iXqyMLWFoECbcwzb9JKwDYsWVCOySr9CShSdTev5CHl2wMHavSONpe2BuzVputkaPGGZKuZyypJpSQqsMj\/MJeRRjJIlBZdBoJOosF\/YcBauPJb8yZtp2\/fchngyFZBZzFQPQo8aWQgny60TBHHnKGZawprhj09NJLvuxAY6fv4GtmvyYWDpsMadv0rp075+y2R8ZGaKFHeqzVkEXwt3kxgrlkYvZClcOiax1ksSz26YDqVdYY7I1Jq+K+SfR9J++cJazxnKPQimI1QnUbl4XptplAGsT7FtiqG5pm2Dbu168xwrJG3xcEAd5QCNaRKihL+FeDY7TwGb8O5VzZiqpMilyQWTeTEnJNCtr\/PqZKB+cYL6WzPPptiPJkqvSVv5TdCFGlPEtVVwcLA4wQ3rHwhID3\/kON6R7i4KLZ8yP6XVrPMPdVLn7ds2bIzcgp14wDmy4\/1ZVy3dS3NAHbVq98eVEWGB+Yn74tPBbkvjqFgF\/HDaJ84Wy\/dTazZWHJHLySchStWoja2wa7o+Qof\/8RO51VTGRW1jrfxEHX7F9C4HY8GlYoAbLIHi1W+VDsGPCE8WO5Jov38G+uCGm7zwQ4z3FWM1717l25cJNqCb74FQgLncIjnlIo8vErFOs5xS7GxfeY2ryl22JhB5oOshmyNq0kZslDzJcTULTuNPJni3UBcxB78pGAU+jteJG4bb7coYhKbzYRXVL9IyIpt\/RaGjOJim2qxW7dZUXmwSf2KCcF3ZZDVkQAQLZfAtQ0PmEWEj6BlifvKVgYh09mnBMe\/WeeH3ouexSecviTMToUDRxtbkN1QZM6vn03prAZyDAFvx8aNkxgblObOkh8SQGvyyy0Me1WTmPNwkwruWTrJsUPbHfXODTo9E\/XRD8wEUeWZcpYB5CbqNozQpWnoVGfGwZBpOqBeYjvR4nytEwMB0rlMzPn4VGEJ0KDNq7OrSYmfLUZbWbyrzf3PZY5zE\/uj5rfIGDfBuK7F+eF\/7TVFXVWezlVwFAsRZWeG\/9OoBNJUW2+Df+aeyyl9a5886nr89lF79O\/+5hezyYQ\/wKcJc8Nvud94hZH8xDWW5TLuuXJNIoZ7C47mk7JxieMarEqGUb&lt;\/xenc:CipherValue&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;\/xenc:CipherData&gt;
\r\n&nbsp;&nbsp;&nbsp;&nbsp;&lt;\/xenc:EncryptedData&gt;\r\n&nbsp;&nbsp;&lt;\/saml:EncryptedAssertion&gt;\r\n&lt;\/samlp:Response&gt;\r\n<\/pre>\r\n<\/div>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-8bc91bd elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"8bc91bd\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-0a1cfc7\" data-id=\"0a1cfc7\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-4880a79 elementor-widget elementor-widget-text-editor\" data-id=\"4880a79\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>The actual authentication information with user attributes is what we are looking for debugging. This information is encrypted and stored in the CipherData tag under EncryptedAssertion. 
The EncryptedData tag tells us how it has been encrypted. Keep in mind that this EncryptionMethod element is part of the untrusted message itself: a Service Provider that decrypts assertions should only accept the algorithms it was configured for rather than switching on whatever the message declares, and it must verify the XML signature on the Response or on the decrypted Assertion before trusting any of the decrypted content.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-68ee62a elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"68ee62a\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-a11a966\" data-id=\"a11a966\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-04f3d45 elementor-widget elementor-widget-html\" data-id=\"04f3d45\" data-element_type=\"widget\" data-widget_type=\"html.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<script src=\"https:\/\/cdn.jsdelivr.net\/gh\/google\/code-prettify@master\/loader\/run_prettify.js\"><\/script>\r\n<div>\r\n<pre class=\"prettyprint linenums\" style=\"overflow-wrap: normal !important; white-space:nowrap !important; overflow: auto\">\r\n&lt;xenc:EncryptionMethod&nbsp;Algorithm=\"http:\/\/www.w3.org\/2001\/04\/xmlenc#aes128-cbc\"\/&gt;\r\n<\/pre>\r\n<\/div>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-4c13d3f elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"4c13d3f\" 
data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-749d2a7\" data-id=\"749d2a7\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-c678133 elementor-widget elementor-widget-text-editor\" data-id=\"c678133\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>The assertion has been encrypted with AES-128 in CBC mode. AES is a symmetric algorithm: the same key is used to both encrypt and decrypt. Note that CBC provides confidentiality only, not integrity, which is one more reason the XML signature has to be verified; newer deployments prefer an authenticated mode such as <code>aes128-gcm<\/code> where both sides support it.<\/p><p>There is no long-lived symmetric secret shared between the Service Provider and the Identity Provider. Instead, the Identity Provider generates a symmetric content-encryption key for this response (normally a fresh one per message) and bundles it into the response as well. To prevent anyone who intercepts the message from decrypting the content, that symmetric key is itself encrypted inside the EncryptedKey tag. 
Its own EncryptionMethod element also tells us how the key has been encrypted:<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-bc13472 elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"bc13472\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-700a5bb\" data-id=\"700a5bb\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-51d3c7b elementor-widget elementor-widget-html\" data-id=\"51d3c7b\" data-element_type=\"widget\" data-widget_type=\"html.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<script src=\"https:\/\/cdn.jsdelivr.net\/gh\/google\/code-prettify@master\/loader\/run_prettify.js\"><\/script>\r\n<div>\r\n<pre class=\"prettyprint linenums\" style=\"overflow-wrap: normal !important; white-space:nowrap !important; overflow: auto\">\r\n&lt;xenc:EncryptionMethod&nbsp;Algorithm=\"http:\/\/www.w3.org\/2001\/04\/xmlenc#rsa-OAEP\"\/&gt;\r\n<\/pre>\r\n<\/div>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-0008423 elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"0008423\" data-element_type=\"section\">\n\t\t\t\t\t\t<div 
class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-31c04cc\" data-id=\"31c04cc\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-52c12a5 elementor-widget elementor-widget-text-editor\" data-id=\"52c12a5\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>This time, the content (the symmetric key) has been encrypted with RSA using the OAEP padding scheme. Unless the message specifies a different digest, <code>rsa-OAEP<\/code> means SHA-1 with MGF1, which is also what PyCryptodome&#8217;s <code>PKCS1_OAEP.new(key)<\/code> uses by default, so the decryption below works without extra parameters. During the initial SAML integration, you exchange metadata between the <i>Service Provider<\/i> and the <i>Identity Provider<\/i>. This metadata includes a certificate for each party&#8217;s RSA key pair. The public key from the <i>Service Provider<\/i> encryption certificate is used by the Identity Provider to encrypt the symmetric key, so only the holder of the matching private key can unwrap it.<\/p><p>Because I was managing the on-premises <i>Service Provider<\/i>, I was easily <span style=\"color: var( --e-global-color-text ); font-weight: var( --e-global-typography-text-font-weight );\">able to get my hands on the RSA private key. 
Without access to this key, it is fortunately computationally infeasible to decrypt the SAML Response.<\/span><\/p><p>The flip side is that the Service Provider private key decrypts <em>every<\/em> response ever sent to that Service Provider, including ones captured in old proxy logs or HAR files, because this scheme has no forward secrecy. Treat the key like the credential it is: run this kind of debugging on a trusted machine, never paste production responses or keys into online SAML decoders, and rotate the encryption certificate if the key may have been exposed.<\/p><p>Knowing all this, we need to perform in order:<\/p><ol><li>Decrypt the symmetric key with the RSA private key.<\/li><li>Decrypt the authentication information using the decrypted symmetric key.<\/li><\/ol><p>Remember that this is a debugging aid only: decrypting an assertion proves nothing about its authenticity. A real Service Provider must also validate the XML signature, the <code>InResponseTo<\/code> and <code>Destination<\/code> values, and the assertion&#8217;s conditions (audience, validity window) before trusting anything it contains.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-1695173 elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"1695173\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-b03096e\" data-id=\"b03096e\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-64ecc8c elementor-widget elementor-widget-heading\" data-id=\"64ecc8c\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">Decrypt the saml symmetric key<\/h4>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-3001df4 elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"3001df4\" data-element_type=\"section\">\n\t\t\t\t\t\t<div 
class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-c9fef33\" data-id=\"c9fef33\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-9a089c7 elementor-widget elementor-widget-text-editor\" data-id=\"9a089c7\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Decrypting the symmetric key is pretty easy as we can rely on libraries.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-e3f22df elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"e3f22df\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-833999f\" data-id=\"833999f\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-abb38c2 elementor-widget elementor-widget-html\" data-id=\"abb38c2\" data-element_type=\"widget\" data-widget_type=\"html.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<script src=\"https:\/\/cdn.jsdelivr.net\/gh\/google\/code-prettify@master\/loader\/run_prettify.js\"><\/script>\r\n<pre class=\"prettyprint linenums\">\r\nfrom Crypto.Cipher import PKCS1_OAEP\r\nfrom Crypto.PublicKey import RSA\r\n\r\nimport base64\r\n\r\nencrypted_key 
= 'ly1gJyn0xZPGW3zH20VKEab3J+kX...'\r\n\r\nkey = RSA.importKey(open('key.pem').read())\r\ncipher = PKCS1_OAEP.new(key)\r\nclear_key = cipher.decrypt(base64.b64decode(encrypted_key))\r\n\r\nprint(clear_key.hex())\r\nprint(len(clear_key))\r\n<\/pre>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-0d8a9e1 elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"0d8a9e1\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-59857c2\" data-id=\"59857c2\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-6347c57 elementor-widget elementor-widget-text-editor\" data-id=\"6347c57\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>The output tells us the key value:<\/p><pre>cb0bb80fff69797dabdef51463fa3cb8<\/pre><p>And the length confirms the decryption was a success. OAEP padding is checked during decryption, so a wrong private key or a tampered EncryptedKey makes PyCryptodome raise a <code>ValueError<\/code> instead of silently returning garbage:<\/p><pre>16<\/pre><p>The key is 16 bytes long, i.e. a valid AES-128 key, which matches the <code>aes128-cbc<\/code> algorithm declared in the response. The value shown here comes from a public sample response; do not print real content-encryption keys to a terminal or a log file.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-5203536 elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"5203536\" 
data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-65d17ea\" data-id=\"65d17ea\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-9bab3c8 elementor-widget elementor-widget-heading\" data-id=\"9bab3c8\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">Decrypt the saml statements<\/h4>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-791e790 elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"791e790\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-35632fa\" data-id=\"35632fa\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-207f25e elementor-widget elementor-widget-text-editor\" data-id=\"207f25e\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>If we look at how the CBC cipher mode works:<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section 
elementor-top-section elementor-element elementor-element-d7025f4 elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"d7025f4\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-d1f0ca4\" data-id=\"d1f0ca4\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-466cb1c elementor-widget elementor-widget-image\" data-id=\"466cb1c\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/upload.wikimedia.org\/wikipedia\/commons\/thumb\/2\/2a\/CBC_decryption.svg\/600px-CBC_decryption.svg.png\" title=\"\" alt=\"\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-0c1459a elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"0c1459a\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-8f04517\" data-id=\"8f04517\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-3e97930 
elementor-widget elementor-widget-text-editor\" data-id=\"3e97930\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>We see that we are missing the Initialization Vector to be able to decrypt the <em>SAML Response<\/em>. This is not something we have to guess: XML Encryption, which SAML relies on, specifies that for CBC modes the IV is prepended to the ciphertext inside the <code>CipherValue<\/code>. Its length is the block size of the cipher, and the AES block size is always 16 bytes whatever the key length (128, 192 or 256 bits), so the first 16 bytes are the IV and everything after them is the actual ciphertext.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-d8a0db7 elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"d8a0db7\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-6d10f92\" data-id=\"6d10f92\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-8b53d92 elementor-widget elementor-widget-html\" data-id=\"8b53d92\" data-element_type=\"widget\" data-widget_type=\"html.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<script src=\"https:\/\/cdn.jsdelivr.net\/gh\/google\/code-prettify@master\/loader\/run_prettify.js\"><\/script>\r\n<pre class=\"prettyprint linenums\">\r\nimport base64\r\n\r\nencrypted_text = 'aUDIiZxbfYvPvEgOf\/9IAp8CpGL1sm4XXAYJY1wrbtcu2a5RZ...'\r\nraw = base64.b64decode(encrypted_text)\r\niv = raw[:16]\r\ncipher_text = raw[16:]\r\n<\/pre>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section 
class=\"elementor-section elementor-top-section elementor-element elementor-element-ac547c5 elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"ac547c5\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-69beb07\" data-id=\"69beb07\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-2c89359 elementor-widget elementor-widget-text-editor\" data-id=\"2c89359\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>As soon as you have the initialization vector, the key and the cipher text, the decryption is straightforward:<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-5cf8108 elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"5cf8108\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-5c7b325\" data-id=\"5c7b325\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-5158aaa elementor-widget elementor-widget-html\" 
data-id=\"5158aaa\" data-element_type=\"widget\" data-widget_type=\"html.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<script src=\"https:\/\/cdn.jsdelivr.net\/gh\/google\/code-prettify@master\/loader\/run_prettify.js\"><\/script>\r\n<pre class=\"prettyprint linenums\">\r\nfrom Crypto.Cipher import AES\r\n\r\ncipher = AES.new(clear_key, AES.MODE_CBC, iv=iv)\r\nplaintext = cipher.decrypt(cipher_text)\r\n<\/pre>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-108e1af elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"108e1af\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-6374ca4\" data-id=\"6374ca4\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-bd5ac33 elementor-widget elementor-widget-text-editor\" data-id=\"bd5ac33\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Before using the plaintext value, you&#8217;ll have to manually remove the padding. 
It turns out the last byte of the plaintext is the size of the padding. XML Encryption uses ISO 10126-style padding, where only that final byte is meaningful and the other padding bytes are arbitrary, so a PKCS#7 unpadder that verifies every padding byte may reject perfectly valid data. The one-liner below is fine for a throw-away debugging script, but note its edge cases: a last byte of 0 makes <code>plaintext[:-0]<\/code> return an empty string, and any value above the 16-byte block size means the decryption went wrong (wrong key or a tampered ciphertext). A real Service Provider has to validate that byte and, as discussed under <em>CBC padding attack<\/em> below, must not let the sender learn the result of that validation.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-7ae4ff4 elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"7ae4ff4\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-baf044f\" data-id=\"baf044f\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-5b152aa elementor-widget elementor-widget-html\" data-id=\"5b152aa\" data-element_type=\"widget\" data-widget_type=\"html.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<script src=\"https:\/\/cdn.jsdelivr.net\/gh\/google\/code-prettify@master\/loader\/run_prettify.js\"><\/script>\r\n<pre class=\"prettyprint linenums\">\r\nplaintext = plaintext[:-plaintext[-1]]\r\n<\/pre>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-86b84fb elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"86b84fb\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element 
elementor-element-8d97e4a\" data-id=\"8d97e4a\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-da6d89a elementor-widget elementor-widget-text-editor\" data-id=\"da6d89a\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>At the end, we have the following code:<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-a6e26df elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"a6e26df\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-f4323b1\" data-id=\"f4323b1\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-1ad280a elementor-widget elementor-widget-html\" data-id=\"1ad280a\" data-element_type=\"widget\" data-widget_type=\"html.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<script src=\"https:\/\/cdn.jsdelivr.net\/gh\/google\/code-prettify@master\/loader\/run_prettify.js\"><\/script>\r\n<pre class=\"prettyprint linenums\">\r\nfrom Crypto.Cipher import PKCS1_OAEP\r\nfrom Crypto.PublicKey import RSA\r\nfrom Crypto.Cipher import AES\r\n\r\nimport base64\r\n\r\nencrypted_key = 'ly1gJyn0xZPGW3zH20VKEab3J+kXEJQ3X...'\r\nencrypted_text = 'aUDIiZxbfYvPvEgOf\/9IAp8CpGL1sm4XX...'\r\n\r\nkey = 
RSA.importKey(open('key.pem').read())\r\ncipher = PKCS1_OAEP.new(key)\r\nclear_key = cipher.decrypt(base64.b64decode(encrypted_key))\r\n\r\nraw = base64.b64decode(encrypted_text)\r\niv = raw[:16]\r\ncipher_text = raw[16:]\r\ncipher = AES.new(clear_key, AES.MODE_CBC, iv=iv)\r\nplaintext = cipher.decrypt(cipher_text)\r\n\r\nplaintext = plaintext[:-plaintext[-1]]\r\n\r\nprint(plaintext.decode('UTF-8'))\r\n<\/pre>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-65009f6 elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"65009f6\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-9fd9d3c\" data-id=\"9fd9d3c\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-b0c54f8 elementor-widget elementor-widget-text-editor\" data-id=\"b0c54f8\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Which gives:<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-afe72e4 elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"afe72e4\" data-element_type=\"section\">\n\t\t\t\t\t\t<div 
class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-3bc1a44\" data-id=\"3bc1a44\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-dd296ec elementor-widget elementor-widget-html\" data-id=\"dd296ec\" data-element_type=\"widget\" data-widget_type=\"html.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<script src=\"https:\/\/cdn.jsdelivr.net\/gh\/google\/code-prettify@master\/loader\/run_prettify.js\"><\/script>\r\n<pre class=\"prettyprint linenums\" style=\"overflow-wrap: normal !important; white-space:nowrap !important; overflow: auto\">\r\n&lt;samlp:Response&nbsp;xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\"&nbsp;xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\"&nbsp;ID=\"_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6\"&nbsp;Version=\"2.0\"&nbsp;IssueInstant=\"2014-07-17T01:01:48Z\"&nbsp;Destination=\"http:\/\/sp.example.com\/demo1\/index.php?acs\"&nbsp;InResponseTo=\"ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685\"&gt;\r\n&nbsp;&nbsp;&lt;saml:Issuer&gt;http:\/\/idp.example.com\/metadata.php&lt;\/saml:Issuer&gt;\r\n&nbsp;&nbsp;&lt;samlp:Status&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&lt;samlp:StatusCode&nbsp;Value=\"urn:oasis:names:tc:SAML:2.0:status:Success\"\/&gt;\r\n&nbsp;&nbsp;&lt;\/samlp:Status&gt;\r\n&nbsp;&nbsp;&lt;saml:Assertion&nbsp;xmlns:xsi=\"http:\/\/www.w3.org\/2001\/XMLSchema-instance\"&nbsp;xmlns:xs=\"http:\/\/www.w3.org\/2001\/XMLSchema\"&nbsp;ID=\"_d71a3a8e9fcc45c9e9d248ef7049393fc8f04e5f75\"&nbsp;Version=\"2.0\"&nbsp;IssueInstant=\"2014-07-17T01:01:48Z\"&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&lt;saml:Issuer&gt;http:\/\/idp.example.com\/metadata.php&lt;\/saml:Issuer&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&lt;saml:Subject&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;saml:NameID&nbsp;SPNameQualifier=\
"http:\/\/sp.example.com\/demo1\/metadata.php\"&nbsp;Format=\"urn:oasis:names:tc:SAML:2.0:nameid-format:transient\"&gt;_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7&lt;\/saml:NameID&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;saml:SubjectConfirmation&nbsp;Method=\"urn:oasis:names:tc:SAML:2.0:cm:bearer\"&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;saml:SubjectConfirmationData&nbsp;NotOnOrAfter=\"2024-01-18T06:21:48Z\"&nbsp;Recipient=\"http:\/\/sp.example.com\/demo1\/index.php?acs\"&nbsp;InResponseTo=\"ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685\"\/&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;\/saml:SubjectConfirmation&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&lt;\/saml:Subject&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&lt;saml:Conditions&nbsp;NotBefore=\"2014-07-17T01:01:18Z\"&nbsp;NotOnOrAfter=\"2024-01-18T06:21:48Z\"&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;saml:AudienceRestriction&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;saml:Audience&gt;http:\/\/sp.example.com\/demo1\/metadata.php&lt;\/saml:Audience&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;\/saml:AudienceRestriction&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&lt;\/saml:Conditions&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&lt;saml:AuthnStatement&nbsp;AuthnInstant=\"2014-07-17T01:01:48Z\"&nbsp;SessionNotOnOrAfter=\"2024-07-17T09:01:48Z\"&nbsp;SessionIndex=\"_be9967abd904ddcae3c0eb4189adbe3f71e327cf93\"&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;saml:AuthnContext&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;saml:AuthnContextClassRef&gt;urn:oasis:names:tc:SAML:2.0:ac:classes:Password&lt;\/saml:AuthnContextClassRef&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;\/saml:AuthnContext&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&lt;\/saml:AuthnStatement&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&lt;saml:AttributeStatement&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;saml:Attribute&nbsp;Name=\"uid\"&nbsp;NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:basic\"&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp
;&nbsp;&lt;saml:AttributeValue&nbsp;xsi:type=\"xs:string\"&gt;test&lt;\/saml:AttributeValue&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;\/saml:Attribute&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;saml:Attribute&nbsp;Name=\"mail\"&nbsp;NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:basic\"&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;saml:AttributeValue&nbsp;xsi:type=\"xs:string\"&gt;test@example.com&lt;\/saml:AttributeValue&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;\/saml:Attribute&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;saml:Attribute&nbsp;Name=\"eduPersonAffiliation\"&nbsp;NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:basic\"&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;saml:AttributeValue&nbsp;xsi:type=\"xs:string\"&gt;users&lt;\/saml:AttributeValue&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;saml:AttributeValue&nbsp;xsi:type=\"xs:string\"&gt;examplerole1&lt;\/saml:AttributeValue&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;\/saml:Attribute&gt;\r\n&nbsp;&nbsp;&nbsp;&nbsp;&lt;\/saml:AttributeStatement&gt;\r\n&nbsp;&nbsp;&lt;\/saml:Assertion&gt;\r\n&lt;\/samlp:Response&gt;\r\n<\/pre>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-94747cf elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"94747cf\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-fb6758a\" data-id=\"fb6758a\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap 
elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-18e496e elementor-widget elementor-widget-heading\" data-id=\"18e496e\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Going Beyond<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-5f89c14 elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"5f89c14\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-5b0d3c3\" data-id=\"5b0d3c3\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-b1a40c8 elementor-widget elementor-widget-text-editor\" data-id=\"b1a40c8\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>There are two well-known oracle attacks that can decrypt a SAML Response without the private key. Both depend on the Service Provider leaking, through an error message, a status code or a timing difference, whether one decryption step succeeded.<\/p><ul><li>A CBC padding-oracle attack against the AES-CBC-encrypted assertion, to recover the authentication information.<\/li><li>Bleichenbacher\u2019s attack against the key transport, if the symmetric key is encrypted with RSA PKCS#1 v1.5 instead of RSA-OAEP.<\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-9dc0faa elementor-section-boxed 
elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"9dc0faa\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-8a01ebf\" data-id=\"8a01ebf\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-654ac3b elementor-widget elementor-widget-heading\" data-id=\"654ac3b\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">CBC padding attack<\/h3>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-4becbbc elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"4becbbc\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-b807852\" data-id=\"b807852\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-965e880 elementor-widget elementor-widget-text-editor\" data-id=\"965e880\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>This is only 
exploitable if a padding oracle is available. A demonstration of this attack is shown here: <a href=\"https:\/\/blog.compass-security.com\/2021\/09\/saml-padding-oracle\/\">https:\/\/blog.compass-security.com\/2021\/09\/saml-padding-oracle\/<\/a>.<\/p><p>You&#8217;ll see that most Identity Providers still use CBC as the block cipher mode. CBC gives confidentiality but no integrity, so as soon as a Service Provider lets the sender tell a padding failure apart from any other decryption failure (a different error page, status code or response time), an attacker who captured an encrypted Response can decrypt it block by block without ever touching the private key.<\/p><p>The robust fix is on the algorithm side: encrypting the assertion with an authenticated mode such as AES-GCM (defined in XML Encryption 1.1) instead of AES-CBC removes the padding altogether, so there is nothing left for an oracle to leak. The Identity Provider normally chooses the algorithm based on what the Service Provider advertises in its metadata, so this is a configuration change on both ends. Independently of that, the Service Provider should answer every decryption or validation error with the same generic failure; that removes the most obvious oracle while CBC is still in use, although timing differences can remain, which is why the algorithm change is the real fix.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-6a04999 elementor-section-boxed elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"6a04999\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-75f6d4f\" data-id=\"75f6d4f\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-6401635 elementor-widget elementor-widget-heading\" data-id=\"6401635\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">Bleichenbacher's attack<\/h4>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-6a3f561 elementor-section-boxed 
elementor-section-height-default elementor-section-height-default qodef-elementor-content-no qodef-tooltip-follow-no qodef-vertical-text-holder-no qodef-vertical-text-in-grid-no\" data-id=\"6a3f561\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-1da6de6\" data-id=\"1da6de6\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-bc32477 elementor-widget elementor-widget-text-editor\" data-id=\"bc32477\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>I haven&#8217;t seen a SAML Response key encrypted with RSA PKCS#1 v1.5 in the wild, for obvious reasons: most public Identity Providers use RSA-OAEP as the key-transport padding, which is not affected by this attack. A misconfigured self-managed Identity Provider could still use PKCS#1 v1.5, but the Service Provider matters just as much, because the attack only works if the SP acts as an oracle that reveals whether the RSA padding of a submitted <code>EncryptedKey<\/code> was valid.<\/p><p>In that case an attacker with access to the oracle can recover the symmetric key of a captured Response and read the assertion. On its own this breaks confidentiality, not authentication: the key is encrypted with the Service Provider&#8217;s <em>public<\/em> key, so anyone can already produce a freshly encrypted Response, and what stops a forged one from being accepted is the XML signature. Impersonating a user therefore also requires the Service Provider to be vulnerable to an XML Signature Wrapping (XSW) attack or to otherwise skip signature validation. 
Note that in many deployments the Response also carries an outer signature on top of the one inside the encrypted assertion, so the first thing to assess in such a setup is how each signature is validated, not how the encryption is configured.<\/p><p>A Python implementation of Bleichenbacher&#8217;s attack: <a href=\"https:\/\/github.com\/emilystamm\/rsa-bleichenbacher\">https:\/\/github.com\/emilystamm\/rsa-bleichenbacher<\/a><\/p><p>More about XSW attacks: <a href=\"https:\/\/book.hacktricks.xyz\/pentesting-web\/saml-attacks\">https:\/\/book.hacktricks.xyz\/pentesting-web\/saml-attacks<\/a><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>SAML is a standard protocol for parties to exchange authentication and authorization information. It stands for&nbsp;Security Assertion Markup Language&nbsp;and defines multiple use-cases and features. The most interesting one is&nbsp;Single Sign-On&nbsp;for web browsing. Its native integration with HTTP makes it easy and fully compatible to implement. Single sign on is known as SSO&nbsp;and allows a [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":1081,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-1078","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v18.1 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Debugging SAML messages - CyberConsulting<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/cyberconsulting.be\/index.php\/2022\/02\/05\/debugging-saml-messages\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Debugging SAML messages - CyberConsulting\" \/>\n<meta 
Single sign on is known as SSO&nbsp;and allows a [&hellip;]","og_url":"https:\/\/cyberconsulting.be\/index.php\/2022\/02\/05\/debugging-saml-messages\/","og_site_name":"CyberConsulting","article_published_time":"2022-02-05T16:49:00+00:00","article_modified_time":"2023-02-06T19:24:36+00:00","og_image":[{"width":731,"height":346,"url":"https:\/\/cyberconsulting.be\/wp-content\/uploads\/2022\/02\/saml.png","type":"image\/png"}],"twitter_card":"summary_large_image","twitter_misc":{"Written by":"cyberclo","Estimated reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebSite","@id":"https:\/\/cyberconsulting.be\/#website","url":"https:\/\/cyberconsulting.be\/","name":"CyberConsulting","description":"Olivier Buez","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/cyberconsulting.be\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-GB"},{"@type":"ImageObject","@id":"https:\/\/cyberconsulting.be\/index.php\/2022\/02\/05\/debugging-saml-messages\/#primaryimage","inLanguage":"en-GB","url":"https:\/\/cyberconsulting.be\/wp-content\/uploads\/2022\/02\/saml.png","contentUrl":"https:\/\/cyberconsulting.be\/wp-content\/uploads\/2022\/02\/saml.png","width":731,"height":346},{"@type":"WebPage","@id":"https:\/\/cyberconsulting.be\/index.php\/2022\/02\/05\/debugging-saml-messages\/#webpage","url":"https:\/\/cyberconsulting.be\/index.php\/2022\/02\/05\/debugging-saml-messages\/","name":"Debugging SAML messages - 
CyberConsulting","isPartOf":{"@id":"https:\/\/cyberconsulting.be\/#website"},"primaryImageOfPage":{"@id":"https:\/\/cyberconsulting.be\/index.php\/2022\/02\/05\/debugging-saml-messages\/#primaryimage"},"datePublished":"2022-02-05T16:49:00+00:00","dateModified":"2023-02-06T19:24:36+00:00","author":{"@id":"https:\/\/cyberconsulting.be\/#\/schema\/person\/d74e1292938d651515a7363f783be1c0"},"breadcrumb":{"@id":"https:\/\/cyberconsulting.be\/index.php\/2022\/02\/05\/debugging-saml-messages\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/cyberconsulting.be\/index.php\/2022\/02\/05\/debugging-saml-messages\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/cyberconsulting.be\/index.php\/2022\/02\/05\/debugging-saml-messages\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/cyberconsulting.be\/"},{"@type":"ListItem","position":2,"name":"Debugging SAML messages"}]},{"@type":"Person","@id":"https:\/\/cyberconsulting.be\/#\/schema\/person\/d74e1292938d651515a7363f783be1c0","name":"cyberclo","image":{"@type":"ImageObject","@id":"https:\/\/cyberconsulting.be\/#personlogo","inLanguage":"en-GB","url":"https:\/\/secure.gravatar.com\/avatar\/f8e32d0ce0ccda6f063955d9010239aeff9d5505ad48924550b34466cd55cc5d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f8e32d0ce0ccda6f063955d9010239aeff9d5505ad48924550b34466cd55cc5d?s=96&d=mm&r=g","caption":"cyberclo"},"sameAs":["http:\/\/cyberconsulting.be"],"url":"https:\/\/cyberconsulting.be\/index.php\/author\/cyberclo\/"}]}},"_links":{"self":[{"href":"https:\/\/cyberconsulting.be\/index.php\/wp-json\/wp\/v2\/posts\/1078","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cyberconsulting.be\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cyberconsulting.be\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cyberconsulting.be\/index.php\/wp-json\/wp\/v2\/user
s\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cyberconsulting.be\/index.php\/wp-json\/wp\/v2\/comments?post=1078"}],"version-history":[{"count":52,"href":"https:\/\/cyberconsulting.be\/index.php\/wp-json\/wp\/v2\/posts\/1078\/revisions"}],"predecessor-version":[{"id":1223,"href":"https:\/\/cyberconsulting.be\/index.php\/wp-json\/wp\/v2\/posts\/1078\/revisions\/1223"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cyberconsulting.be\/index.php\/wp-json\/wp\/v2\/media\/1081"}],"wp:attachment":[{"href":"https:\/\/cyberconsulting.be\/index.php\/wp-json\/wp\/v2\/media?parent=1078"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cyberconsulting.be\/index.php\/wp-json\/wp\/v2\/categories?post=1078"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cyberconsulting.be\/index.php\/wp-json\/wp\/v2\/tags?post=1078"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}