You have not logged in. Access is limited, Please login to get full Access

JSON Web Token (JWT)

JSON Web Token (JWT) vulnerabilities arise when tokens used for authentication and data exchange are improperly implemented or configured. Common issues include weak signing algorithms (like `none` or symmetric keys misused with asymmetric algorithms), insecure token storage, and token expiration mismanagement. Attackers can exploit these flaws to forge tokens, impersonate users, or gain unauthorized access to protected resources. Ensuring strong algorithms, proper validation, and secure storage is key to mitigating JWT vulnerabilities.

Task 1 Json Web Token vulnerability

Scenario:
You're performing a penetration test against a web application belonging to craw.in, a data analytics firm. The application utilizes JWTs for authentication and authorization. You've successfully intercepted a JWT issued to a user.

Answer The Questions

Question 1.

You intercept a JWT. What's the first part of the JWT you should analyze?

Question 2.

What standard algorithm is indicated if the JWT header claims "alg": "HS256"?

Question 3.

Which open-source JWT debugging tool can you use to inspect the JWT’s content easily?

Question 4.

What kind of vulnerability can be triggered if you modify the "alg" field to "none"?

Question 5.

If the "alg" is set to "RS256", what kind of key is used?

Question 6.

What is the type of attack when we use a public key instead of a private key to verify signature?

Question 7.

What kind of tool can be used to brute-force the secret key of a HS256 JWT if you suspect a weak key?

Question 8.

If the JWT contains a field called "isAdmin," what kind of authorization issue could you exploit if you can manipulate its value?

Question 9.

What is the recommended minimum length, in bits, for a secret key used with HS256 to provide adequate security?

Question 10.

What section of JWT should be modified in order to modify user-id or isAdmin privileges?

Question 11.

A vulnerability is identified where the application doesn't properly validate the aud (audience) claim in the JWT. What kind of attack is this called?

Question 12.

What type of vulnerability may occur if the 'kid' (key ID) header is used and you can control it to point to an arbitrary file path?

Question 13.

The JWT has an exp (expiration) claim. If the server doesn't validate this claim correctly, what kind of attack becomes possible?

JSON Web Token (JWT)

Task 1 Json Web Token vulnerability

Email Verification Required

Admin Panel