Brute Forcing JWT Token (HS256)
Some days ago i worked with very interesting app.
App was kind well by security reason. I can’t find there any security problem. And this was annoyed me.
I am glad of my job if i can find something. But this article not about app and vulnerabilities.This article is about very interesting technik which i found.
So my testing app was very strict. And the last thing to expose data — might have to create jwt token.
So what is it — jwt token.
A JSON Web Token encodes a series of claims in a JSON object. Some of these claims have a specific meaning, while others are left to be interpreted by the users. These claims can be verified and trusted because it is digitally signed. Examples of these claims are issuer (iss), subject (sub), audience (aud), expiration time (exp), not before (nbf), and issued at (iat). JWTs can be signed using a secret (with HMAC algorithm) or a public/private key pair using RSA or Elliptic-Curve.
Structure of a JSON Web Token
Often your jwt token can looks like this:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ
A JWT comes in this structure, aaaaaa.bbbbbb.ccccc. aaaaaaa represents the header, bbbbb represents the payload while cccccc represents the signature.
first of all do decode your token you need this link
https://jwt.io/
If we put out token to Encoded field. We will see
{
“alg”: “HS256”,
“typ”: “JWT”
}
This is the algorithm of your token and type. Here we have HS256. It might be RS256 and many other alg.
So the body of our token will be
{
“sub”: “1234567890”,
“name”: “John Doe”,
“admin”: true
}
So you see that here we have some interesting fields. Details of our user. For example, if we can manipulate with this data — we can create our own powerfull user. But! To generate our jwt token we should know special secret key. In our example - key is “secret” (like salt)
If you put your correct secret key into VERIFY SIGNATURE field in jwt.io. You can generate new valid token with changing user details and "settings".
JWT Signing Algorithms
The most common algorithms for signing JWTs are:
- HMAC + SHA256 (HS256)
- RSASSA-PKCS1-v1_5 + SHA256 (RS256)
- ECDSA + P-256 + SHA256 ( ES256)
How it was for me. The last thing which i can do with my testing app — trying to generate new token. But how? I don’t know secret key.
So. If developers was pretty lazy and they use very simple secret key — we can brutefoce it. All what we need — powerfull machine.
I used a Mac computer to try out the brute force attack.
Brute Forcing an HS256 JSON Web Token
As secure as HS256 is, especially when implemented the right way, brute-forcing a JSON web token signed with small and medium sized shared-secrets using HS256 is still very possible.
I used this git repositories:
https://github.com/brendan-rius/c-jwt-cracker/blob/master/main.c
https://github.com/ojensen5115/jwtcrack/blob/master/src/main.rs
Before starting attack, try to brute force let's try to do the same on your own generated token by jwt.io with a secret, secret.
The results of cracker should be like this:
But when i started with real token of my testing app, which i want to hack — the goal was not achieved.
I tried both technics. With wordlist and without. It took so a lot of time but solution wasn't found. :-(
PS: In any case, I’m glad that the application was resistant (and also secret key).
And I figured out some interesting new techniques. That it is very cool for me :-)
