What is JWT?
For those who are not familiar with JSON Web Tokens (JWT), a JWT is a method to securely exchange data as a JSON object, which is relevant to an LFI attack in which the application uses a JSON object. The method is meant to be used for authorization, where the objects need to be signed, verified, and trusted.
Therefore, we can exploit the JWT token to execute the LFI attack on the machine itself.
Demonstration of the attack method using JWT with LFI attacks.
The demonstration is taken from the walkthrough over here
First, we need to download jwt2john.py onto our attacker machine.
We can also use the JWT to crack the password, just like the command above.
As a result, we can obtain the password for the JWT by using John the Ripper.
We can modify the JWT by changing the details in the username field and adding the password in the secret key section.
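From the defender's side, the steps above succeed only because the signing secret is a password that can be guessed offline. The following is an added example, not code from the walkthrough: an HS256 verifier that rejects a token whose username was changed without the key and refuses secrets shorter than 32 bytes. The `username` claim, the helper names and the sample token are assumptions constructed for illustration.

```python
import base64, hashlib, hmac, json, secrets

MIN_KEY_BYTES = 32  # RFC 7518 section 3.2: an HS256 key must be at least 256 bits

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def check_key(key: bytes) -> None:
    """Refuse keys short enough to be guessed offline from a captured token."""
    if len(key) < MIN_KEY_BYTES:
        raise ValueError("HS256 key shorter than 32 bytes")

def sign(claims: dict, key: bytes) -> str:
    check_key(key)
    header = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64url(json.dumps(claims).encode())
    mac = hmac.new(key, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{b64url(mac)}"

def verify(token: str, key: bytes):
    """Return the claims if the HS256 signature is valid, else None."""
    check_key(key)
    try:
        header, body, sig = token.split(".")
        if json.loads(b64url_decode(header)).get("alg") != "HS256":
            return None  # pin the algorithm; never trust the token's own choice
        expected = hmac.new(key, f"{header}.{body}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, b64url_decode(sig)):
            return None  # constant-time comparison of the signatures failed
        return json.loads(b64url_decode(body))
    except (ValueError, AttributeError):
        return None  # malformed token: wrong part count, bad base64 or bad JSON

def tamper_username(token: str, new_name: str) -> str:
    """Constructed test input: change the username claim, keep the old signature."""
    header, body, sig = token.split(".")
    claims = json.loads(b64url_decode(body))
    claims["username"] = new_name
    return f"{header}.{b64url(json.dumps(claims).encode())}.{sig}"

KEY = secrets.token_bytes(32)             # random 256-bit key, not a password
TOKEN = sign({"username": "guest"}, KEY)  # constructed sample claims
```

With a random key of this size, a wordlist run against a captured token has nothing to find, so the edited username never passes `verify`.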