JWT Vulnerabilities List (Simple Explanation)

  1. Tamper without modifying anything
  2. Modify algorithm to none
  3. Brute-force a weak signing key
  4. Privilege escalation by JWK header injection (RS256 or another asymmetric signing algorithm)
  5. Privilege escalation by JKU header injection (RS256 or another asymmetric signing algorithm)
  6. Exploitation of the kid header in JWT (directory traversal and command injection) (RS256 and HS256)
  7. Privilege escalation by algorithm confusion when the server's public key is exposed and the token algorithm is RS256 (change the algorithm from RS256, or another asymmetric algorithm, to HS256 or another symmetric algorithm)
  8. Privilege escalation by algorithm confusion when the server's public key is not exposed and the token algorithm is RS256 (same change, from RS256 or another asymmetric algorithm to HS256 or another symmetric algorithm)
  9. Cross-service relay attack
  10. Check exp
  • Tamper without modifying anything
    Change a value in the payload and check whether the server validates the signature. (This applies when the JWT is in JWS format.)
    Example: say the payload contains name: lol. Change it to name: admin and check whether you get admin access. If it works, the signature is not being validated at the server end.
  • Modify algorithm to none
    Change "alg" to "none" and delete the signature part, but remember to leave the trailing dot after the payload, then send the request to see whether the none algorithm is accepted.
    Example: eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJpc3MiOiJwb3J0c3dpZ2dlciIsInN1YiI6ImFkbWluaXN0cmF0b3IiLCJleHAiOjE2NTY0MTczNDJ9.
    Header: eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0
    {
      "typ": "JWT",
      "alg": "none"
    }
    Payload: eyJpc3MiOiJwb3J0c3dpZ2dlciIsInN1YiI6ImFkbWluaXN0cmF0b3IiLCJleHAiOjE2NTY0MTczNDJ9
    {
      "iss": "portswigger",
      "sub": "administrator",
      "exp": 1656417342
    }
  • Brute-force weak signing key
    Try to brute-force a weak signing key. If you recover the secret key used to create the signature, you can modify the data and use that key to create a new, valid signature. In this scenario the server does validate the signature, but it signs with a weak key.
    I know some of you might be confused about this. Check this blog to understand the digital signature.
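As an added example (not code from the original post), here is a minimal HS256 verifier built on Python's standard library that shows what the server side of items 1, 2 and 10 looks like when done right: the algorithm is pinned rather than read from the header, the MAC is recomputed over the exact bytes received, and exp is checked. It is fed the alg-none token from above plus tokens minted with a constructed secret and constructed claims.

```python
import base64
import hashlib
import hmac
import json
import time

# The alg "none" token quoted in the post above (signature segment empty).
NONE_TOKEN = ("eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0."
              "eyJpc3MiOiJwb3J0c3dpZ2dlciIsInN1YiI6ImFkbWluaXN0cmF0b3IiLCJleHAiOjE2NTY0MTczNDJ9.")

def b64url_decode(s):
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def b64url_encode(b):
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()

def sign_hs256(header, payload, secret):
    """Mint an HS256 token; used here only to construct sample inputs."""
    h = b64url_encode(json.dumps(header, separators=(",", ":")).encode())
    p = b64url_encode(json.dumps(payload, separators=(",", ":")).encode())
    sig = hmac.new(secret, f"{h}.{p}".encode(), hashlib.sha256).digest()
    return f"{h}.{p}.{b64url_encode(sig)}"

def verify_hs256(token, secret, now=None):
    """Return (ok, reason, payload). The algorithm is pinned server-side,
    the MAC is recomputed over the exact header.payload bytes, and exp
    is checked, so items 1, 2 and 10 above are all rejected."""
    parts = token.split(".")
    if len(parts) != 3:
        return False, "malformed", None
    h_b64, p_b64, s_b64 = parts
    try:
        header = json.loads(b64url_decode(h_b64))
        payload = json.loads(b64url_decode(p_b64))
    except ValueError:  # bad base64 or bad JSON
        return False, "malformed", None
    # Item 2: the header's alg is attacker-controlled; never let it pick "none".
    if header.get("alg") != "HS256":
        return False, "alg", None
    # Item 1: a tampered payload no longer matches the MAC; constant-time compare.
    mac = hmac.new(secret, f"{h_b64}.{p_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(mac, b64url_decode(s_b64)):
        return False, "signature", None
    # Item 10: reject tokens whose exp is missing or already passed.
    now = time.time() if now is None else now
    if not isinstance(payload.get("exp"), (int, float)) or payload["exp"] <= now:
        return False, "exp", None
    return True, "ok", payload
```

Items 3 and 7/8 are not addressed by this code: key strength is a configuration matter, and algorithm pinning only prevents confusion if the server never passes an RSA public key to an HMAC verifier.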
