
User Reports Consistent Flag Return in JWT Security Room on TryHackMe
CybersecurityHackingJWTLearningPlatforms
The user is working on the Signature Validation Mistakes section of the JWT Security room on TryHackMe. They report that modifying the JWT and sending different requests—including changes to the signature—consistently returns the same flag, regardless of validity. The user expected different outcomes based on whether the signature was valid or not. They question whether the room might be broken or if they are misunderstanding the intended behavior.