#JWTtoken #pentestingJWT #AppleBounty
POC link:
https://bit.ly/3gcbkrL
JWT-TOKEN (JSON-WEB-TOKEN)
2:00 JWT token identification
5:00 Ways to attack JWT tokens
9:00 Bounty $100k Problem analysis
JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained method for securely transmitting information between parties as a JSON object. This information is verifiable and trusted because it is digitally signed. JWTs can be signed with a secret (using the HMAC algorithm) or a public/private key pair using RSA or ECDSA.
Opportunities for attack
1. The application does not verify the signature
2. The "none" algorithm is accepted
3. Changing the algorithm from RS256 to HS256
4. Cracking the HS256 secret
JWT Brute Tool
————————————–
https://tinyurl.com/2u3zewem
Authorization: Bearer Token
kid (Key ID) header: SQL injection, directory traversal
"kid": "aaaaaaa' UNION SELECT 'key';--"
"kid": "../../public/css/main.css"
JWT structure: xxx.yyy.zzz (header.payload.signature)
Example JWT token:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c
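A verifier that closes the four openings listed above and treats the kid header as an allowlist lookup rather than a path or SQL value, written as an added example for this description (not code from the video or the slides it cites); the secret, the allowed kid value and the helper names are constructed for the demo.

```python
import base64
import hashlib
import hmac
import json
import re

# Constructed values for this example; not from the video or its slides.
SECRET = b"example-hmac-secret-not-for-production"
ALLOWED_KIDS = {"key-2024"}  # kid is an allowlist lookup, never a file path or SQL value
KID_RE = re.compile(r"^[A-Za-z0-9_-]{1,64}$")

def b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def b64url_encode(b: bytes) -> str:
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()

def verify_hs256(token: str, secret: bytes = SECRET) -> dict:
    """Return the payload, or raise ValueError. The server pins the algorithm,
    so 'none' (attack 2) and RS256->HS256 swaps (attack 3) are rejected before
    any key material is touched; the signature is always checked (attack 1)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token")
    h_b64, p_b64, s_b64 = parts
    header = json.loads(b64url_decode(h_b64))
    if header.get("alg") != "HS256":
        raise ValueError(f"unexpected alg {header.get('alg')!r}")
    kid = header.get("kid")
    if kid is not None and (not KID_RE.match(kid) or kid not in ALLOWED_KIDS):
        raise ValueError("invalid kid")  # blocks the SQLi / traversal values above
    expected = hmac.new(secret, f"{h_b64}.{p_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64url_decode(s_b64)):
        raise ValueError("bad signature")
    return json.loads(b64url_decode(p_b64))

def sign_hs256(payload: dict, secret: bytes = SECRET, kid: str = "key-2024") -> str:
    """Issue a token the verifier above accepts (used for the demo)."""
    header = {"alg": "HS256", "typ": "JWT", "kid": kid}
    h = b64url_encode(json.dumps(header, separators=(",", ":")).encode())
    p = b64url_encode(json.dumps(payload, separators=(",", ":")).encode())
    sig = hmac.new(secret, f"{h}.{p}".encode(), hashlib.sha256).digest()
    return f"{h}.{p}.{b64url_encode(sig)}"

def check(token: str, secret: bytes = SECRET) -> str:
    # Outcome as a string so a caller can log the accept/reject reason.
    try:
        return "ok sub=" + str(verify_hs256(token, secret).get("sub"))
    except ValueError as e:
        return "rejected: " + str(e)
```

The example token above verifies with jwt.io's default secret, while a none-algorithm header, a traversal-style kid, or a tampered signature are all rejected with a logged reason.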
References:
https://www.slideshare.net/OWASP_Poland/opd-2019-attacking-jwt-tokens
https://jwt.io/introduction/
https://medium.com/swlh/hacking-json-web-tokens-jwts-9122efe91e4a