Introduction
In this walk-through, we covered JSON Web Tokens and its associated vulnerabilities. In JWT, the signature can be changed or the header to bypass authentication controls. This video is part of ZTH: Obscure Web Vulns room from TryHackMe.
Json Web Token’s are a fairly interesting case, as it isn’t a vulnerability itself. Infact, it’s a fairly popular, and if done right very secure method of authentication. The basic structure of a JWT is this, it goes “header.payload.secret”, the secret is only known to the server, and is used to make sure that data wasn’t changed along the way. Everything is then base64 encoded. so an example JWT token would look like "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"
Meaning that if we are able to control the secret, we can effectively control the data. To be able to do this we have to understand how the secret is calculated. This requires knowing the structure of the header, a typical JWT header looks like this {“typ”:”JWT”,”alg”:”RS256″}. We’re interested in the alg field. RS256 uses a private RSA key that’s only available to the server, so that’s not vulnerable. However, We can change that field to HS256, This is calculated using the server’s public key, which in certain circumstances we may have access too.
What’s a JSON Web Token?
First, let’s talk about what JWTs are. They’re used for authentication and authorization, much like cookies. When you log into a web application, it gives you a JWT to keep track of who you are.
A JWT is made up of three parts, all Base64 encoded and separated by dots:
- Header: This part tells you the token type and the encryption algorithm being used, like HS256.
- Payload: This contains information about you, the user, like your role (for example, “user”).
- Signature: This is the most important part. It’s used to verify that the token is legit and that you are who you say you are. If you can mess with the signature, you can bypass the authentication.
How to Exploit JWTs
I’ll show you two main ways to exploit JWTs:
Method 1: Changing the Signature
This method works if the signature algorithm is weak. For example, with an HS256 algorithm, you can actually generate your own signature.
If the token uses a stronger algorithm like RSA, you can use a tool like “json or token breaker” to convert the RSA token to HMAC. To do this, you’ll need the token and the web server’s public key, which is usually easy to find.
Once you’ve converted the token, you can change the payload (for example, change your role from “user” to “admin”) and generate a new token. You can then use this new token in a tool like Burp Suite to get admin access.
Method 2: Canceling the Signature
This method is for when you can’t change or create your own signature. The goal here is to get rid of the signature altogether.
First, you decode the header and payload into plaintext. Then, you re-encode the header, but this time you change the algorithm to “none”. This tells the server that no signature is needed.
Next, you modify the payload to change your role to “admin” and re-encode it. Finally, you combine the new header and payload, separated by a dot, and just leave off the signature part. You can then use this new token to log in as an admin.
By using these methods, you can gain administrative access and find flags in CTF challenges.
JSON Web Token Vulnerabilities TryHackMe Room Answers
What is the flag?
