Last active
October 27, 2019 02:44
-
-
Save sushiwushi/229237c0a5e5fc0852af622707d005ef to your computer and use it in GitHub Desktop.
JSON Web Token
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
1. Leaked JWT secret keys through JavaScript files | |
Zendesk is a support system used by many websites, some of them enabled JWT for single sign-on authentication https://support.zendesk.com/hc/en-us/articles/203663816-Enabling-JWT-JSON-Web-Token-single-sign-on | |
There maybe a possibility that the JWT secret token is leaked in JavaScript files, as shown in the report below | |
https://hackerone.com/reports/638635 | |
To search for it, grep (Ctrl + F) for "jwt" in website's Zendesk JavaScript files | |
References | |
https://jwt.io | |
https://unixstamp.com | |
https://www.uuidgenerator.net | |
2. Breaking JWT encryption | |
JWT presents as Authorization Bearer token in HTTP requests and can be decrypted to further analyze any vulnerabilities present | |
(a) Manipulating algorithm | |
JWT is built from 3 parts which is base64 encoded => b64_encode(header).b64_encode(payload).b64_encode(signature) | |
The "header" part contains the algorithm it uses to transfer the token, it can be manipulated to bypass the verification from the server. If successful, it can be used to login into anyone's user account. | |
i. "none" algorithm | |
Modify the above header to contain {"alg": "none"} instead of "HS256". Make any desired changes to the payload. Use an empty signature (i.e. signature = ""). | |
If a secret key was provided, then token verification will fail for tokens using the none algorithm. | |
Reference | |
https://auth0.com/blog/critical-vulnerabilities-in-json-web-token-libraries | |
ii. "HS256" algorithm | |
Modify the header alg to HS256 | |
Copy server certificate and extract the public key | |
Reference | |
https://habr.com/en/post/450054 | |
https://medium.com/101-writeups/hacking-json-web-token-jwt-233fe6c862e6 | |
(b) Manipulating payload | |
i. IDOR | |
The JWT token had the session id and user id and signed with HS256, pretty good right but no the api did not validate any of that | |
https://medium.com/bugbountywriteup/idor-in-jwt-and-the-shortest-token-you-will-ever-see-uid-1234567890-4e02377ea03a | |
(c) Manipulating signature | |
i. Cracking HS256 key | |
If the HS256 key strength is weak, it can be directly brute-forced, such as using the secret string as a key in the PyJWT library sample code | |
Reference | |
https://medium.com/101-writeups/hacking-json-web-token-jwt-233fe6c862e6 | |
https://medium.com/@valeriyshevchenko/brute-forcing-jwt-token-hs256-6f545d24c7c3 | |
ii. Timing attack | |
https://hackernoon.com/can-timing-attack-be-a-practical-security-threat-on-jwt-signature-ba3c8340dea9 | |
3. Sources | |
Cheatsheet PDF | |
https://assets.pentesterlab.com/jwt_security_cheatsheet/jwt_security_cheatsheet.pdf | |
Blog post about JWT web token analysis | |
https://mazinahmed.net/blog/breaking-jwt | |
Payloads | |
https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/JSON%20Web%20Token | |
Tools | |
https://github.com/mazen160/jwt-pwn |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment