NahamSec Explores JWT Exploitation in Modern Web Applications

In this video, NahamSec explores how hackers bypass authentication in modern web applications by exploiting JWTs (JSON Web Tokens). He begins by explaining the basic structure of a JWT, which consists of three Base64-encoded parts: a header, a payload, and a signature, separated by dots. NahamSec uses a simple script to show how tokens are signed using HS256, which relies on a secret key to sign the token. He explains that JWTs can be signed in two main ways: HS256, which uses a shared secret key, and RS256, which uses a private key to sign and a public key to verify.

NahamSec then addresses several common attack techniques. The first involves modifying the token's algorithm to set it to "none," removing the signature, which can trick the server into accepting the token without verifying its signature. Although this method is less common today, it can still be effective on legacy systems or poorly configured libraries. A more realistic attack involves cracking the secret key used in HS256 tokens. Developers often use weak secrets, allowing attackers to crack them using wordlists like rocku.txt or by searching for default secrets on platforms like GitHub. Once the key is cracked, the attacker can modify the payload, for example, by changing the user ID or role, then re-sign the token and send it to the target application.

NahamSec then introduces a more advanced technique: algorithm confusion. In some cases, poorly configured applications may accept a token signed with HS256 using the RS256 public key as the HMAC secret. If the attacker can obtain this public key, they can forge a token by changing the algorithm in the header to HS256 and signing the token with this key. This attack is possible when the server trusts the algorithm in the header without enforcing expected values.

Finally, NahamSec shares an unexpected discovery: he found a development site for a real web application and successfully used a JWT obtained from this site to access the production environment. This was possible because the development and production sites shared the same signing key, a critical error that allowed tokens to cross environments. This discovery highlights the importance of reconnaissance to find development or staging environments and test them, even if the production site seems secure.

NahamSec concludes by emphasizing that JWTs are not the only tokens that can be cracked or abused. Other frameworks like Django, Flask, and Express use signed cookies or tokens that can also be vulnerable. He recommends using tools like Cookie Monster to brute-force these secrets. The ultimate goal is not just to find bugs but to see how far one can go in terms of impact, maximizing security discoveries and bounties.

For more details, watch the full video: https://www.youtube.com/watch?v=0R3xHx7fPUM