bscp notes
JWT

Last updated 8 months ago

  • Definition: JSON Web Tokens (JWTs) are standardized, cryptographically signed JSON data formats for exchanging information, commonly used in authentication and access control.

  • Storage: JWTs store all necessary data client-side, making them ideal for distributed systems.

  • Structure: Consists of three parts: header, payload, and signature, separated by dots.

  • Header & Payload: Both are base64url-encoded JSON objects; the header contains metadata, while the payload includes user claims (e.g., name, email).

  • Security: The integrity of a JWT relies on its cryptographic signature, which is created using a secret signing key; any modification to the header or payload invalidates the signature.

  1. Unverified JWT

    Change the user (or an isAdmin key, if one exists) in the payload.

  2. Unverified signature

    Change alg to none.

  3. Injecting self-signed JWTs via the jwk parameter

    1. Generate a new RSA key.

    2. In the request's JWT payload, change the value of the sub claim to administrator.

    3. Select Attack, then select Embedded JWK with the newly generated RSA key.

    4. Observe that the header now contains a jwk parameter holding our public key; sending the request gives access to the admin portal.

  4. Injecting a jku header with a self-signed key

    1. Generate a new RSA key pair automatically, ignoring the size.

    2. In the exploit server body, create an empty JWK set: { "keys": [ ] }.

    3. Copy the public key as JWK from the RSA key pair generated in the previous step and paste it between the square brackets in the exploit body.

    4. Copy the kid value of the generated RSA key into the kid value of the JWT header in the /admin request.

    5. Add a jku parameter set to the exploit server URL https://exploit-server.net/exploit.

    6. Change the JWT payload value of the sub claim to administrator.

    7. On the /admin request in Repeater, at the bottom of the JSON Web Token tab, click Sign.

    8. In the Sign dialog, select the RSA signing key generated in the previous steps.

    9. Send the request and gain access to the admin portal.

  5. kid path traversal

    1. Generate a new Symmetric Key and replace the k property with the base64-encoded null byte AA==.

    2. Change the kid path to point at /dev/null:

      "kid": "../../../../../../../dev/null"

    3. In the JWT payload, change the value of the sub claim to administrator.

    4. At the bottom of the tab, click Sign, then select the symmetric key generated in the previous step.

    5. Make sure that the Don't modify header option is selected, then click OK. The modified token is now signed using a null byte as the secret key.
  6. Brute force the secret

    1. Brute force a weak JWT signing key using hashcat.

      hashcat -a 0 -m 16500 <YOUR-JWT> /path/to/jwt.secrets.list

      The hashcat result provides the secret, which is then used to build a forged signing key.

    2. In the JWT Editor Keys tab, click New Symmetric Key. In the dialog, click Generate to generate a new key in JWK format.

    3. Replace the generated value of the k property with the Base64-encoded secret.

    4. In the payload, change the value of the sub claim to administrator.

    5. At the bottom of the tab, click Sign, then select the key generated in the previous section.

    6. Make sure that the Don't modify header option is selected, then click OK. The modified token is now signed with the correct signature.

https://github.com/wallarm/jwt-secrets/blob/master/jwt.secrets.list
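Defender's view of the six cases above: a minimal HS256 verifier, added here as an example (not code from these notes or from the PortSwigger labs), that pins the algorithm, refuses key material carried in the header (jwk/jku), treats kid as a lookup rather than a path, and checks the signature before trusting any claim. The secret key and the sample tokens are constructed for the demo.

```python
import base64
import hashlib
import hmac
import json

KEYS = {"main": b"constructed-demo-secret"}      # in practice loaded from a secret store (assumption)
ALLOWED_ALGS = {"HS256"}                         # pinned server-side, never read from the token
FORBIDDEN_HEADER_PARAMS = {"jwk", "jku", "x5u"}  # key material must never come from the token

def b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def b64url_encode(b: bytes) -> str:
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()

def make_token(header: dict, payload: dict, key: bytes) -> str:
    """HS256 token builder, used here only to construct sample inputs."""
    body = b64url_encode(json.dumps(header).encode()) + "." + b64url_encode(json.dumps(payload).encode())
    return body + "." + b64url_encode(hmac.new(key, body.encode(), hashlib.sha256).digest())

def verify(token: str):
    """Return (payload, "ok") only if every check passes, else (None, reason)."""
    try:
        h, p, s = token.split(".")
        header, sig = dict(json.loads(b64url_decode(h))), b64url_decode(s)
    except Exception:
        return None, "malformed token"
    if header.get("alg") not in ALLOWED_ALGS:       # blocks "alg": "none" and algorithm swaps (case 2)
        return None, "algorithm not allowed"
    if FORBIDDEN_HEADER_PARAMS & header.keys():     # blocks jwk / jku injection (cases 3 and 4)
        return None, "key material in header not allowed"
    key = KEYS.get(header.get("kid", "main"))       # kid is a lookup, never a file path (case 5)
    if key is None:
        return None, "unknown kid"
    expected = hmac.new(key, f"{h}.{p}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, sig):      # signature checked before any claim is trusted (case 1)
        return None, "bad signature"
    return json.loads(b64url_decode(p)), "ok"

def demo_tokens() -> dict:
    """Constructed sample tokens, one per weakness the notes above walk through."""
    valid = make_token({"alg": "HS256", "kid": "main"}, {"sub": "wiener"}, KEYS["main"])
    h, p, s = valid.split(".")
    return {
        "valid": valid,
        "tampered": h + "." + b64url_encode(b'{"sub": "administrator"}') + "." + s,  # edited payload, old signature
        "alg_none": b64url_encode(b'{"alg": "none"}') + "." + p + ".",              # unsigned token
        "jwk_header": make_token({"alg": "HS256", "jwk": {"kty": "oct"}}, {"sub": "x"}, KEYS["main"]),
        "kid_path": make_token({"alg": "HS256", "kid": "../../dev/null"}, {"sub": "x"}, b"\x00"),
    }
```

A weak secret (case 6) is not something the verifier can detect; the check there is key length and source, which is why KEYS is marked as coming from a secret store.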