What is JSON Web Token?
JWT (JSON Web Token) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. This information can be verified and trusted because it is digitally signed. JWTs can be signed using a secret (with the HMAC algorithm) or a public/private key pair using RSA or ECDSA.
In this post, we will see how to test, tweak, and try to crack JWTs. There are a few open-source libraries we can use for this. One such utility is https://github.com/ticarpi/jwt_tool, a toolkit for testing, tweaking, and cracking JSON Web Tokens.
This tool is written in Python 3 (version 3.6+).
Its functionality includes:
- Checking the validity of a token
- Testing for known exploits:
  - (CVE-2015-2951) The alg=none signature-bypass vulnerability
  - (CVE-2016-10555) The RS/HS256 public key mismatch vulnerability
  - (CVE-2018-0114) Key injection vulnerability
- Scanning for misconfigurations or known weaknesses
- Fuzzing claim values to provoke unexpected behaviors
- Testing the validity of a secret/key file/Public Key/JWKS key
- Identifying weak keys via a High-speed Dictionary Attack
- Forging new token header and payload contents and creating a new signature with the key or via another attack method
- Timestamp tampering
- RSA and ECDSA key generation, and reconstruction (from JWKS files)
- …and lots more!
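As an added example (not code from this post or from jwt_tool), here is a minimal HS256 verifier that shows the defensive side of the checks listed above: it pins the algorithm instead of trusting the token header's `alg`, so alg=none and RS/HS256 key-confusion tokens are rejected before any key is used, compares signatures in constant time, and refuses expired tokens. The secret and claims are constructed sample values.

```python
import base64
import hashlib
import hmac
import json
import time


def b64url_decode(s: str) -> bytes:
    # JWT segments are base64url without '=' padding; restore it before decoding.
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def b64url_encode(b: bytes) -> str:
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()


def make_hs256_token(payload: dict, secret: bytes) -> str:
    """Build header.payload.signature using HMAC-SHA256 (the 'HS256' alg)."""
    header = b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}, separators=(",", ":")).encode())
    body = b64url_encode(json.dumps(payload, separators=(",", ":")).encode())
    sig = hmac.new(secret, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{b64url_encode(sig)}"


def verify_hs256(token: str, secret: bytes, now=None):
    """Return the payload dict if the token is valid, otherwise None.

    The accepted algorithm is fixed by the verifier and never read from the
    token: a header claiming 'none', 'RS256' or anything else is rejected
    before the secret is ever used, which is what closes alg=none and
    RS/HS256 key-confusion bugs. 'now' may be passed in for testing.
    """
    try:
        h, p, s = token.split(".")
        header = json.loads(b64url_decode(h))
        payload = json.loads(b64url_decode(p))
        sig = b64url_decode(s)
    except ValueError:  # wrong segment count, bad base64 or bad JSON
        return None
    if not isinstance(header, dict) or not isinstance(payload, dict):
        return None
    if header.get("alg") != "HS256":
        return None
    expected = hmac.new(secret, f"{h}.{p}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, sig):  # constant-time comparison
        return None
    now = time.time() if now is None else now
    exp = payload.get("exp")
    if exp is not None and (not isinstance(exp, (int, float)) or exp <= now):
        return None  # missing-type, expired or tampered timestamp
    return payload
```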
You can visit the repository on GitHub for installation and usage instructions.
Happy Coding!!!