JWT

Methodology

Signature Attacks

• Modify, Add or Remove claims

• None Algorithm (none, None, NONE, nOnE)

• Remove signature

• Weak Secret Key

Header Injection

• JWK (JSON Web Key)

• JKU (JSON Web Key URL)

• KID (Key ID)

Useful

Brute force Secret Key

hashcat

hashcat -m 16500 -a 0 <jwt> <wordlist>

jwt_tool

jwt_tool <jwt> -C -d <wordlist>

Resources

Website

Tools

Burp Extensions

Wordlist