mirror of
https://github.com/AbdullahRizwan101/CTF-Writeups
synced 2024-11-28 22:50:19 +00:00
1.4 KiB
1.4 KiB
Portswigger JWT - Lab 2
JWT authentication bypass via flawed signature verification
In this lab we need bypass authuntication via flawed JWT signature verfication to become the administrator user by modifiying token and access /admin
, we can login with the credentials wiener:peter
as a normal user
We can try accessing /admin
, which only allows the administrator
user to access it
Checking the session cookie from developer tools
We can see a JWT token which can be analyzed by going to https://token.dev/
I tried modifying the name username to administrator
But when changing the JWT it just logs out the user
It could be that it doesn't valid what algorithm is being used so we can try to set alg
to none
But also to add .
at the end of payload part
After deleting carlos user we can solve the lab