Exploiting JWT to Account Takeover

Ethical Kaps
4 min read · Aug 9, 2021

Hey Cyberpunks, Ethical Kaps here. I’m back again with another powerful article, and I hope you are all doing great. Today we are going to talk about JSON Web Tokens, so without wasting any time let’s get straight into it.

Note: I will keep the topic as simple as possible and explain it in layman’s language, so that you can grasp the roots of the vulnerability, find this bug in your targets to make them more secure, and earn bounties.

I will abbreviate JSON Web Token as JWT.

What is JWT?

Put simply, a JWT is a token used to securely transmit information between parties as a JSON object. It is also used for authorization.

I think this definition is cool, and that’s all you need to know at this point. Don’t worry at all, you’ll grasp every aspect of it. ✌ I’ll provide a link further down in this article in case you want to dive deeper into the definition.

What does a JWT look like?

A JWT has the following structure:

Base64(Header).Base64(Data).Base64(Signature)

A JWT is a storage mechanism for data. It provides security through two mechanisms:

  1. Encryption
  2. Signature

Signature methods used to ensure the integrity of a JWT:

  1. RSA
  2. HMAC
  3. Elliptic curves
  4. None

Why have I highlighted the None algorithm? You’ll find out in a while, when I share a real-world example of this vulnerability. I hope by now you have a basic idea of what a JWT is. This is enough for you to hunt this vulnerability, but if you still want to explore JSON Web Tokens further, you can visit here.

Written by Ethical Kaps

InfoSec engineer by profession, ethical hacker and penetration tester by passion. Together, let’s make our world a secure cyber space.
