BSides Toronto 2023

JWT Parkour
2023-10-21 , ENG 103

Nowadays, JSON Web Tokens are everywhere. They are used as session tokens, OAuth tokens or just to pass information between applications or microservices. By design, JWT contains a high number of security and cryptography pitfalls that creates interesting vulnerabilities. In this workshop, we are going to learn how to exploit some of those issues.

First, we are going to look at the old issues: the none algorithm, guessing/bruteforcing the hmac secret.

Then we will look at more recent issues like how an RSA public key can be computed from multiple signatures to exploit algorithm confusion and how the same attack can be done with ECDSA. We will also look at leveraging issues with the kid/jku/x5u. And finally how to leverage CVE-2022-21449 to bypass the signature mechanism.


Introduction to JWT and their security

Demo 0: None algorithm
Demo 1: Algorithm confusion and retrieving the public key RSA
Demo 2: Algorithm confusion and retrieving the public key ECDSA
Demo 3: Injection in kid
Demo 4: Attacking jku/x5u
Demo 5: JWT and CVE-2021-22449

Conclusion

Louis is a security engineer based in Melbourne, Australia. He is the founder of PentesterLab, a learning platform for web penetration testing. He also runs the Youtube channel https://www.youtube.com/@AppSecSchool