Introduction how to Exploit JWT

Introduction how to Exploit JWT 


Authentication and authorization make developer overthinking how to implement it correctly without any fear here came frameworks to recuse developer framework like Oauth and OpenID that control on both process (authentication & authorization) in these frameworks you could find new concept it’s JWT that is part of modern authentication frameworks used instead of cookies to keep track user session as we know http stateless protocol.


Json Web Token (JWT) is standardized validated and encrypted container format that is used to transfer information between parts.
The container format in definition refer to JWT structure, jwt has parties of information that must send with each message   , jwt it’s base64 encoding message consist of three parties Header , Payload and Signature each parts separated  by dot ( . )  .
Header this part use to describe cryptography algorithm use with jwt and encode as json and then base64

{ “type”:”jwt”, "alg": "HS256"  }

Payload    this part include all user interesting data  and encode as json and then base64
{ "is_admin": "false", "username": "guest" }
Signature  this part use to validated jwt message send by client validated by server by calc HMAC of payload with secret key
{“sign” : ”<base64>”}
After we how jwt structure now we will see how to combine all these part
JWT= (base64url(header)) (dot) (base64url(payload)) (dot) (base64url(Sign)) 


The process of  jwt Serialization consist of encoding header , payload and signature with base64url.


Base64url  it’s variation of base64 that use URL safe _ instead of + and / .


the process of jwt deserialization consist of decoding header, payload and signature with base64url and extract algorithm from message and calc signature then compare it with that found in message if equal then pass decode payload to fetch resource.

Security vulnerabilities

As we know  jwt token it has signature calc to prevent it from tampering here came two ways to calc signature first  it’s use secret key (symmetric)  , second use private key to create signature and public to verify it (asymmetric) we going to explore each type and each vulnerabilities.

Symmetric (secret key)

This type of calc signature its vulnerable to expose secret key when jwt token must send to 3-party , the 3-party must have copy of secret key and it’s has problem with revoke key if want update key the secret key must update on every instances that use it , in this type of sign you could recognize it  with HS in alg value in header part.
Security vulnerability with this type of sign that you could change alg value in header part to none algorithm and leave out the signature.
{ "alg": "none", "type": "JWT" }

Asymmetric(public & private key)

This type of sign fixed two problems with Symmetric key like using single key and share it and second problem is key revoke this fixed with share public that make no matter if revoke happen or not because jwt has different type of claims as mention on RFC 7519 these claims use to control how to invoke key management in jwt those claims add in header part , claims like x5u claim intended to hold public key in format of an X509 certificate ,  jku claim is intended to hold URL which point to file contain key in json format  and finally jwk this claim design to hold public key in jwt and make every 3-party work with  public key to verify token.
This type of sign you could recognized it with RS in alg value in header part.
 This type of sign has security vulnerability in order to exploit it must do this steps:

Frist change RS to HS (RS256àHS256)

Second get public key and use it to sign token

In RS (asymmetric) private use to sign toke and public to verify token but when we change it to 

HS(Symmetric)  now verify token using public key as secret key.

Exploit JWT

you need
1- write python script  encode and decode JWT
2- burpsuite 

Change HS256 to none

In this scenario we have login page that let you login as guest by click on login as guest when you login as guest there jwt token send to you in cookie header but we want to login as admin here come magic by decode jwt and change alg to none and username to admin and encode it again in this scenario we use burp suite as proxy and python script to decode and edit jwt and encode it again

1-  Login page

    2- login as guest 

  3- View jwt token issue in cookie header

 4- Use python script to decode jwt

  5- Edit jwt and encode it again

   6- Send jwt in cookie header

   7- Login as admin

soon they will be challenges in JWT combine with SQi,XXE,POI,command injection

thanks for reading


Popular posts from this blog

Code injection

hacky holidays h1 CTF