![](\"https:\/\/varutra-1a3b6.kxcdn.com\/wp-content\/uploads\/2020\/12\/JWT-Attacks.png\" "\\"Json")
<\/p>\n<\/p>\n
A JSON web token (JWT) token is an open standard which defines the compact and secure way of transmitting data or information as a JSON object between two parties. It is considered secure as it is digitally signed. Since the information transmitted is signed digitally (using a secret key or private\/public key pair), it can be trusted and verified at the receiver end.<\/p>\n
A JWT token still makes a claim with respect to the parties who have signed it. It can also be encrypted to provide secrecy. Signed tokens help parties verify the integrity of claims contained in them but the encrypted tokens do not reveal those claims to other parties. Upon signing a token using public\/private keys, the signature also certifies that the party having the private key is the one who signed it.<\/p>\n
It is mostly used in two scenarios<\/p>\n
1. Authorization<\/strong><\/p>\n JWTs are most commonly used for authorization. Every subsequent request, after a user logs-in, will contain a JWT token with it, which allows the user to access services, routes, resources, etc., that are allowed with the token. JWTs are widely used in the Single Sign-On feature due to minimum overhead and its ability to be used across various domains.<\/p>\n 2. <\/strong>Information Exchange<\/strong><\/p>\n JSON Web Tokens (JWTs) are a good way to transmit information between parties securely. Since it is possible to sign JWTs using public\/private key pairs, you can be confident that the senders are who they claim they are. You can also verify that content is not modified via the signature because it is calculated using the header and the payload.<\/p>\n <\/p>\n The JWT token comprises three parts which are separated by ( . )<\/p>\n It is created by the server using:<\/p>\n Algorithm {header + payload} — secret key<\/p>\n <\/p>\n The key ID (KID) header parameter indicates the key that was utilized to secure the JWS and enables originators to clearly show recipients that a change of key has taken place. There is no specified structure of the KID value; however, its value must be a case-sensitive string.<\/p>\n <\/p>\n JWT token usually starts with base64 char “ey” and it is separated by two dots(.)<\/p>\n <\/p>\n 1.Symmetric<\/u><\/strong><\/p>\n In the Symmetric mechanism, only one key is required to create and verify the JASON web token. The most common algorithm for this mechanism is HS256.<\/p>\n 2.Asymmetric<\/u><\/strong><\/p>\n In the Asymmetric mechanism, two different keys are required; a Private<\/strong> key for signing the signature and a Public<\/strong> key for verification. For this mechanism, the most common algorithm is RS256.<\/p>\n Various signature methods can be utilized to verify the integrity of a JWT such as<\/p>\n \u00a0<\/u><\/strong><\/p>\n \u00a0<\/strong><\/p>\n 1.None-Algorithm<\/u><\/strong><\/p>\n When the value of \u201calg\u201d header cannot be verified by an application, you can change the value to \u201cnone\u201d, thereby eliminating the requirement of a valid signature for verification.<\/p>\n <\/p>\n Cracking a sample Json web token (JWT) using base64 decode.<\/strong><\/p>\n Encode it now again by modifying the algorithm to None from HS256and pass it on.<\/p>\n <\/p>\n The RS256 algorithm requires a private key for modifying the data and a public key for verifying the signature authenticity. However, when the signing algorithm is changed from RS256 to HS256, the application is made to use a single key for performing both the tasks (authentication and verification).\u00a0 The HMAC algorithm uses a single key for doing both the tasks.<\/p>\n Hence, this method changes the workflow from Asymmetric encryption to Symmetric encryption and allows using the same public key for signing new tokens.<\/p>\n <\/p>\n In reality, you may get the public key from a mobile application or a JavaScript script.<\/p>\n Using the JWT_tool in python for exploitation<\/strong><\/p>\n In this scenario, the following command is used, as shown in the below figure:<\/p>\n python3 JWT_tool.py <JWT> -S hs256 -k public.pem<\/strong><\/p>\n Here, first we have to download the public key from the possible sources and then sign the token with the HS256 algorithm using that key. We can create new tokens this way and can inject payload in any claim that already exists.<\/p>\n <\/p>\n If the app shows no error while fuzzing the data in the Payload and Header sections, it indicates that the signature is not being checked after it is signed by the Authorization server. This allows us to inject the payload in the assertion, and the token will be valid at all times.<\/p>\n In this scenario, the following command is us<\/p>\n python3 JWT_tool.py <JWT> -I -pc name -pv admin\u00a0<\/strong><\/p>\n Since the signature part is not checked, the name field can be modified in the payload section and we can get higher privileges.<\/p>\n![\"JWT](\"https:\/\/www.varutra.com\/wp-content\/uploads\/2020\/12\/JWT-Decoder.png\")
Fig -1.1 JWT Decoder<\/strong><\/pre>\nStructure of JSON web token (JWT)<\/u><\/strong><\/h3>\n
\n
What Is the Use of KID Parameter in <\/strong>JSON web token (JWT) <\/strong>?<\/strong><\/h3>\n
How to recognize a JWT token?<\/strong><\/h3>\n
Algorithms<\/u><\/strong><\/h3>\n
\n
Now Let\u2019s see different methods for exploiting the Json web tokens.<\/u><\/strong><\/h3>\n
![\"Base64](\"https:\/\/www.varutra.com\/wp-content\/uploads\/2020\/12\/Base64-Decode.png\")
Fig -1.2 Base64 Decode<\/strong><\/pre>\n\n
But where is public key found?<\/strong><\/h3>\n
![\"Json](\"https:\/\/www.varutra.com\/wp-content\/uploads\/2020\/12\/JWT-TOOL-PAYLOAD-FOR-CHANGE-RS256-TO-HS256-ALGORITHM-ATTACK.png\")
Fig-1.3 JWT TOOL PAYLOAD FOR CHANGE RS256 TO HS256 ALGORITHM ATTACK<\/strong><\/pre>\n\n
![\"JWT](\"https:\/\/www.varutra.com\/wp-content\/uploads\/2020\/12\/JWT-TOOL-PAYLOAD-FOR-SIGNATURE-NOT-CHECKED.png\")
<\/strong>Fig-1.4 JWT TOOL PAYLOAD FOR SIGNATURE NOT UNCHECKED <\/strong><\/pre>\n