JSON Web Token Hacking

// Disclaimer //
Hacking without permission is illegal. This channel is strictly educational for learning about cyber-security in the areas of ethical hacking and penetration testing so that we can protect ourselves against the real hackers.
Comments

Correct me if I'm wrong! But the main reason for using the JWT is to verify the user without the need to connect to a database and compare the values? And also, changing the values of the payload completely misses the signature, which is already encrypted with the secret key and should be rejected in the first place. If someone uses the JWT without verifying it somehow in their website, he shouldn't use JWT at all; it's like giving access to everyone and trusting blindly every user!!

Steps as far as I know:
1 - get the JWT
2 - verify the signature by decrypting it using the secret key (the most important), exp ...
3 - proceed to the next step (perform any action you need)

If 1 fails, reject everything.
If 1 doesn't fail and 2 fails, reject everything.
If 1 and 2 don't fail, now you can go to step three and perform the action.

redmatrice

Brother, I love all your videos. They are concise, quick, no bullshit, no music and you could not have done a better job.

COLMANRYAN

Interesting technique, another scenario to add to my vuln checking, thanks for sharing

JanRautiainen

How did key-id with a SQL query from some table that gives you no useful information give you the authorization to delete a user?
Server-side key id targets nothing and the server does not throw an error, so then it authenticates you?

dmitriylevy

Good brief, Loi. Thanks. I touch on this subject for the PenTest+ class I teach. Useful content here.

zzsql

Sir Loi, it was a great hacking tutorial! But now the thing is, how can "we" secure our JWT tokens and the websites using JWT?

md.riyasathossain

Does it mean you have to know the server containing the key first?

FabulousFitsFantasy

While this is a good one, it very much depends on the DAL layer, which is by default prevented by the DAL framework.
Also, someone using JWT must be using some sort of lib, and not directly doing a JWT implementation. So it might not be that much practical in the real world....
Not sure if there is someone that idiot in the real world who queries SQL directly.

VineetYadav

I've also done this once in a CTF by setting the algorithm to none :D

Peterb

Hello, thanks for the video. How can we prevent this?

Abasalt_Yar

Hey, how did you learn to hack, like any courses or like college?

Sonictag

U always have good vids! 👏 Keep going!

hackerxploit

Every website encrypts the token differently, with different algorithms. I tried that website and it didn't tell me the token information.

MuhammadAli-zgnw

1:18 - "We're trying to remove the cat's account"... That sounds so wrong lmao

sto

How would you protect against this attack?
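The verification order the first commenter lays out (get the token, check the signature and exp, only then act), together with the questions in this thread about how to prevent the attack, as an added Python example that is not code from the video or from any commenter: an HS256 verifier that takes the algorithm and the key from its own allowlists rather than from the token header, so a tampered payload, an `alg: none` header (the CTF trick another commenter mentions) and an unknown `kid` are all rejected before any claim is read. The key ids, secrets and claim values are constructed for the demo.

```python
import base64, hashlib, hmac, json, time

# Constructed demo key store (kid -> secret); kid is only a dict lookup, never SQL.
KEYS = {"k1": b"constructed-demo-secret-1", "k2": b"constructed-demo-secret-2"}
ALLOWED_ALGS = {"HS256"}  # anything else, including "none", is rejected

def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def encode_parts(header: dict, payload: dict) -> str:
    # 'header.payload' (the signing input); used to build sample tokens
    return b64url_encode(json.dumps(header).encode()) + "." + b64url_encode(json.dumps(payload).encode())

def sign(payload: dict, kid: str) -> str:
    # issuer side: HS256 token under the named key
    signing_input = encode_parts({"alg": "HS256", "typ": "JWT", "kid": kid}, payload)
    sig = hmac.new(KEYS[kid], signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + b64url_encode(sig)

def verify(token: str, now=None) -> dict:
    """Step 2 of the commenter's list: no claim is trusted until the signature checks
    out, with alg and key taken from our allowlists, not from the token's header."""
    try:
        h64, p64, s64 = token.split(".")
        header = json.loads(b64url_decode(h64))
        if not isinstance(header, dict):
            raise ValueError
    except ValueError as exc:
        raise ValueError("malformed token") from exc
    if header.get("alg") not in ALLOWED_ALGS:
        raise ValueError(f"algorithm not allowed: {header.get('alg')!r}")
    key = KEYS.get(str(header.get("kid")))  # unknown kid -> reject, no DB query
    if key is None:
        raise ValueError("unknown kid")
    expected = hmac.new(key, f"{h64}.{p64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64url_decode(s64)):  # constant-time compare
        raise ValueError("bad signature")
    payload = json.loads(b64url_decode(p64))
    exp = payload.get("exp") if isinstance(payload, dict) else None
    if exp is not None and (time.time() if now is None else now) >= exp:
        raise ValueError("token expired")
    return payload

def rejection_reason(token: str, now=None):
    # None if the token is accepted, otherwise the reason it was rejected
    try:
        verify(token, now)
    except ValueError as exc:
        return str(exc)
    return None
```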

benjaminargueta

I'm a bit confused. I thought the whole purpose of the JWT being secure is that the token CAN'T be manipulated (without knowing the private key). When the KID property, EXP property, etc. were changed, I would assume the server would immediately reject it because the signature would no longer match. Or is the JWT token being used differently in this example?

rainfallen

Is it possible to hack if MongoDB is being used?

aburahan

Sir, how do I watch member-only content?

littleguardian

How did you know which table you needed to insert into?

lakshaynz

How did you know the location? Usually I've had to run SQL multiple times to escalate and find location names.

Uneke