Exploiting JSON Web Tokens.

sudhanshu Kumar kashyap
Dec 19, 2020

What is JSON Web Token?

JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. This information can be verified and trusted because it is digitally signed. JWTs can be signed using a secret (with the HMAC algorithm) or a public/private key pair using RSA or ECDSA.

Why And Where Do We Use JSON Web Tokens?

1- Authorization:

JSON Web Tokens are mostly used in Auth0. To put it simply: when we visit a website's signup/login page, we often have the option to log in with a third party such as Gmail, Twitter, GitLab or Facebook. Auth0 is basically what verifies your authentication when you log in with a third party.

Or let's understand JWT a different way, with an example. Say you visit a web application and want to log in with your Gmail account. You choose to log in with Gmail, enter your Gmail address and hit enter. In the back end, a JWT (JSON Web Token) is generated; it contains information encoded in base64, which has to be compared and verified server side, and once it is verified the user has authorization. Each subsequent request will include the JWT, allowing the user to access routes, services, and resources that are permitted with that token.

Example: when we log in to Gmail we are logged in to YouTube as well; we don't have to log in to YouTube separately. That is called SSO (single sign-on), which uses Auth0.

2- Information Exchange:

JSON Web Tokens are a good way of securely transmitting information between parties. Because JWTs can be signed — for example, using public/private key pairs — you can be sure the senders are who they say they are. Additionally, as the signature is calculated using the header and the payload, you can also verify that the content hasn’t been tampered with.

The Structure Of A JWT

A JWT contains three parts.

1- HEADER

2- PAYLOAD

3- SIGNATURE

It looks like Header.Payload.Signature, encoded in base64, where the first part is the header, the second is the payload and the third is the signature.

HEADER.

The header typically consists of two parts: the type of the token, which is JWT, and the signing algorithm being used, such as HMAC SHA256 or RSA. For example:

{ "alg": "HS256", "typ": "JWT" }

This is then Base64Url encoded. The alg value can be different.

PAYLOAD.

The second part of the token is the payload, which contains the claims. Claims are statements about an entity (typically, the user) and additional data. There are three types of claims: registered, public, and private claims. For example:

{ "sub": "1234567890", "name": "John Doe", "admin": true }

The payload is then Base64Url encoded.

SIGNATURE.

To create the signature part you have to take the encoded header, the encoded payload, a secret, the algorithm specified in the header, and sign that.

For example if you want to use the HMAC SHA256 algorithm, the signature will be created in the following way:

HMACSHA256( base64UrlEncode(header) + "." + base64UrlEncode(payload), secret)

The signature is used to verify the message wasn’t changed along the way, and, in the case of tokens signed with a private key, it can also verify that the sender of the JWT is who it says it is.

#This is how JWT are used to Access APIs or resources

#Exploiting The JWT Tokens.

1- The first way to exploit JWTs is to change the alg type to none.

{ "alg": "HS256", "typ": "JWT" } → { "alg": "none", "typ": "JWT" }

2- The second method of exploiting JWTs is to change the payload data to obtain an IDOR (indirect object reference).

Suppose you have this payload:

{ "sub": "1234567890", "name": "John Doe", "admin": true }

and you manipulate the data, for example by changing the sub from 1234567890 to 1123456789. This might give you the authorization of another user if the token does not go through server-side validation.

3- The third way to exploit JWTs is to change the algorithm from RS256 to HS256.

The algorithm HS256 uses the secret key to sign and verify each message.

The algorithm RS256 uses the private key to sign the message and uses the public key for authentication.

If you change the algorithm from RS256 to HS256, the backend code uses the public key as the secret key and then uses the HS256 algorithm to verify the signature.

Because the public key can sometimes be obtained by the attacker, the attacker can modify the algorithm in the header to HS256 and then use the RSA public key to sign the data.

The backend code uses the RSA public key + HS256 algorithm for signature verification.

4- The fourth way to exploit JWTs is to simply remove the signature part.

It may be that the JWT is not going through server-side validation, in which case the token will still work with the signature removed.
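Added example (not from the original article): a server-side HS256 check that builds the signature as described in the SIGNATURE section and rejects the alg none, changed-payload and removed-signature tokens from the list above. The secret and the helper names are constructed for illustration.

```python
import base64, hashlib, hmac, json

SECRET = b"constructed-demo-secret"  # constructed value, not from the article
CLAIMS = {"sub": "1234567890", "name": "John Doe", "admin": True}

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def encode_part(obj: dict) -> str:
    return b64url(json.dumps(obj, separators=(",", ":")).encode())

def sign_hs256(payload: dict, secret: bytes) -> str:
    # HMACSHA256(base64UrlEncode(header) + "." + base64UrlEncode(payload), secret)
    signing_input = encode_part({"alg": "HS256", "typ": "JWT"}) + "." + encode_part(payload)
    mac = hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + b64url(mac)

def verify_hs256(token: str, secret: bytes) -> dict:
    try:
        head, body, sig = token.split(".")
        header = json.loads(b64url_decode(head))
        given = b64url_decode(sig)
    except ValueError as exc:  # wrong part count, bad base64 or bad JSON
        raise ValueError("malformed token") from exc
    if not isinstance(header, dict) or header.get("alg") != "HS256":  # alg is pinned, never obeyed
        raise ValueError("unexpected alg")
    expected = hmac.new(secret, f"{head}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, given):  # constant-time; an empty signature fails too
        raise ValueError("bad signature")
    return json.loads(b64url_decode(body))

def outcome(token: str) -> str:
    try:
        verify_hs256(token, SECRET)
        return "accepted"
    except ValueError as exc:
        return str(exc)

def demo() -> dict:
    h, p, s = sign_hs256(CLAIMS, SECRET).split(".")
    return {
        "valid": outcome(f"{h}.{p}.{s}"),
        "alg none": outcome(encode_part({"alg": "none", "typ": "JWT"}) + f".{p}."),
        "changed sub": outcome(f"{h}." + encode_part({**CLAIMS, "sub": "1123456789"}) + f".{s}"),
        "signature removed": outcome(f"{h}.{p}."),
    }
```

A verifier configured for RS256 applies the same pinning, so a token whose header says HS256 is rejected before the public key is ever used as an HMAC secret.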

Happy Hunting…
