JWT Authentication Bypass via Weak Signing Key

preview_player
Показать описание
👩‍🎓👨‍🎓 Learn about JSON Web Token (JWT) vulnerabilities. The server uses an extremely weak secret key to both sign and verify tokens. This can be easily brute-forced using a wordlist of common secrets. To solve the lab, we'll brute-force the website's secret key. Once we've obtained the key, we'll use it to sign a modified sessions token and gain access to the admin panel, then delete the user carlos.

Overview:
0:00 Intro
0:13 Recap
0:37 Brute-forcing secret keys
1:33 Brute-forcing secret keys using hashcat
3:04 Lab: JWT authentication bypass via weak signing key
4:22 Solution #1: python
6:44 Solution #2: burp suite (and hashcat)
10:12 Solution #3: jwt_tool
11:51 Conclusion

  1. Intigriti
  2. weak
  3. secret
  4. key
  5. session
  6. cookie
Рекомендации по теме
JWT authentication bypass 0:04:37

JWT authentication bypass via weak signing key | PortSwigger Academy tutorial

JWT Authentication Bypass 0:12:35

JWT Authentication Bypass via Weak Signing Key

JWT authentication bypass 0:02:51

JWT authentication bypass via weak signing key

JSON Web Token 0:04:54

JSON Web Token Attacks: LAB #3 By PortSwigger - JWT Authentication Bypass Via Weak Signing Key

JWT authentication bypass 0:08:13

JWT authentication bypass via weak signing key

JWT authentication bypass 0:05:04

JWT authentication bypass via weak signing key

Hack Jwt Authentication 0:22:49

Hack Jwt Authentication Bypass Via Weak Signing Key | JSON Web Token Security | #ethicalhacking #jwt

Portswigger Web Academy 0:04:44

Portswigger Web Academy JWT: JWT authentication bypass via weak signing key #130

JWT Attacks #3 0:07:15

JWT Attacks #3 - JWT authentication bypass via weak signing key

Lab: JWT authentication 0:12:23

Lab: JWT authentication bypass via weak signing key

Portswigger Lab: JWT 0:07:14

Portswigger Lab: JWT authentication bypass via weak signing key

Lab: JWT authentication 0:06:52

Lab: JWT authentication bypass via weak signing key

JWT Authentication bypass 0:12:00

JWT Authentication bypass via WEAK Signing Key || LAB || JSON Web Token (JWT) Security Attack

JWT authentication bypass 0:25:18

JWT authentication bypass via weak signing key - PT/BR

Lab JWT authentication 0:07:08

Lab JWT authentication bypass via weak signing key | PortSwigger explicado español

Pentesting JWTs: Cracking 0:05:55

Pentesting JWTs: Cracking weak keys using JWT_TOOL

JSON Web Token 0:11:25

JSON Web Token Vulnerability - Portswigger | JWT authentication bypass via weak signing key #3

PortSwigger - JWT 0:05:42

PortSwigger - JWT authentication bypass via weak signing key | Solution

22.3 Lab: JWT 0:04:47

22.3 Lab: JWT authentication bypass via weak signing key - Karthikeyan Nagaraj | 2024

JWT Lab03 0:06:42

JWT Lab03

JWT Authentication Bypass 0:12:24

JWT Authentication Bypass via Algorithm Confusion

🧪 JWT authentication 0:03:40

🧪 JWT authentication bypass via unverified signature (explained) | Portswigger [eWPTX style]

JWT authentication bypass 0:01:29

JWT authentication bypass via flawed signature verification

JWT Authentication Bypass 0:07:34

JWT Authentication Bypass via Algorithm Confusion with No Exposed Key

Комментарии
Автор

Great video, it'd also be nice to see a creating your own cookies when devs leave app_key credentials in page source code. .maybe report writing por favor :) p.s badass desktop!

camelotenglishtuition
Автор

GREAT video!! Thanks you so much Intigriti!! <3

mf-
Автор

By now you might have figured out what you did wrong with JWT editor. With this particular challenge you need to just add a Symmetric key and update the k part with the base64 encoded value of the secret. modify the payload and click on sign there you will get option to select the signing key

nirchoubey