Hack JWT using JSON Web Tokens Attacker BurpSuite extensions

Views: 42,279

thehackerish

3 years ago

In this video, you will hack a vote feature by exploiting a JWT implementation weakness using two BurpSuite extensions: JSON Web Tokens and JSON Web Tokens Attacker (JOSEPH).
- Download your FREE Web hacking LAB: thehackerish.com/owasp-top-10...
- Read more on the blog: thehackerish.com
- Support this work: thehackerish.com/how-to-support
- Facebook Page: / thehackerish
- Follow us on Twitter: / thehackerish
- Listen on Anchor: anchor.fm/thehackerish
- Listen on Spotify: open.spotify.com/show/4Ht8jEb...
- Listen on Google Podcasts: podcasts.google.com/?feed=aHR...

Comments: 48
@sundar3357 3 years ago
You are explaining everything well. Thanks man.
@thehackerish 3 years ago
Welcome! Enjoy!
@ajaykumark107 3 years ago
Idea for next video: Burp Bounty extension. All videos currently on YouTube have no voice-over. Please cover this extension in depth as you did for JWT tokens. Great job again!
@thehackerish 3 years ago
Thanks for the suggestions!
@theotimeforestier7647 3 years ago
Very well explained
@uliun2344 3 years ago
Suite is pronounced as "sweet". Thanks for the great content.
@JuanBotes 3 years ago
Thanks
@laggybot1327 3 years ago
Very nice
@pooloverflow 3 years ago
Nice content
@ajaykumark107 3 years ago
Please create more content!!
@user-zl9dy6hz2q 3 years ago
Can you upload all the vulnerabilities related to JWT and GraphQL?
@whatiknowtech6887 3 years ago
Quick one, sir: how do I craft a new timestamp in the JWT payload? Gained a new subscriber, thank you very much. Kindly do in-depth tutorials on Burp extensions.
@thehackerish 3 years ago
Run on the terminal: date +%s
@anik6393 3 years ago
You are the best one😘.
@thehackerish 3 years ago
You are as well!
@muddassirkhan5953 3 years ago
Is the whole token base64 encoded, or does it depend on the application?
@thehackerish 3 years ago
You will always find the same structure. It doesn't depend on the application; it is a standard.
@ashpakpinjari9214 3 years ago
Bro, make a video on Burp Bounty, Burp Collaborator Everywhere and the X-Forwarded-For extension. Awaiting your video.
@thehackerish 3 years ago
Thanks for your suggestion!
@zer0six472 1 year ago
I know I am a little late, but great video, thank you very much, well explained 🙏🤘
@thehackerish 1 year ago
Never late, welcome!
@ca7986 3 years ago
♥️
@cyberpirate007 3 years ago
Bro, make a video on the WAF bypass extension plzzz
@capleprajapati5575 3 years ago
1) For the highlighted request with the comment "Contains a JWT", it shows the token in the Response and not in the Request. Why does the request not have a JWT? Also, the request which has the token is not highlighted with "Contains a JWT". 2) The JWT token comes after we log in with the correct UserID and password. It does not show before we log in to the page. Is this correct? Is this how it is supposed to be?
@thehackerish 3 years ago
1- The extension detects whenever there is a JWT token either in the request or the response. 2- Yes, JWT tokens are usually used after authentication, in this case using a username and a password.
@hackerproxy19 3 years ago
Can you cover all the Burp Suite extensions in one video?
@thehackerish 3 years ago
That would result in a very loooong video which I cannot make, unfortunately.
@Nirusvlogs 3 years ago
Nice. So what is the secure way to implement JWT tokens?
@thehackerish 3 years ago
Validate the signature. Use strong keys for HSxxx, prefer RSA, etc.
@Nirusvlogs 3 years ago
@thehackerish Thank you so much! But while hacking you're removing the signature; if you use RSA, you can still hack using XSS or CSRF attacks, right? I am having this issue in my website. I want your advice😀
@thehackerish 3 years ago
@Nirusvlogs JWT will protect against CSRF if not put in a cookie. However, XSS would exfiltrate the JWT. In this case, you can implement proof-of-possession: tools.ietf.org/html/rfc7800.
@nihagurung8980 3 years ago
My laptop says "AuthSdkError: The JWT was issued in the future". Can you please help me?
@thehackerish 3 years ago
Set the iat field of the JWT to a correct timestamp, I guess.
@crazyfun782 3 years ago
Take ❤️❤️❤️❤️
@thehackerish 3 years ago
@gowanotv4050 2 years ago
Bad token; invalid alg
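As an added example (my own code, not from the video or its author), a minimal HS256 issuer and verifier in Python that applies the advice in the comments above: the server pins the algorithm (so a token with the signature stripped and "alg":"none" is rejected as "invalid alg"), verifies the signature with a constant-time compare, refuses HS keys shorter than 256 bits, and checks the iat and exp claims (rejecting a token "issued in the future"). The function names sign_hs256, verify_hs256 and check, the key and the sample claims are all constructed for this example.

```python
import base64, hashlib, hmac, json, time

MIN_HS256_KEY_BYTES = 32  # 256-bit key: RFC 7518 requires an HS256 key at least as long as the SHA-256 output

def b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))  # restore stripped padding

def b64url_encode(b: bytes) -> str:
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()

def sign_hs256(payload: dict, key: bytes) -> str:
    # Issue header.payload.signature; refuse a weak key before signing anything
    if len(key) < MIN_HS256_KEY_BYTES:
        raise ValueError("HS256 key too short; use at least 256 bits")
    header = b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}, separators=(",", ":")).encode())
    body = b64url_encode(json.dumps(payload, separators=(",", ":")).encode())
    sig = hmac.new(key, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{b64url_encode(sig)}"

def verify_hs256(token: str, key: bytes, now: int = None, leeway: int = 60) -> dict:
    # Validate structure, pinned algorithm, signature and time claims; raise ValueError otherwise
    if len(key) < MIN_HS256_KEY_BYTES:
        raise ValueError("HS256 key too short; use at least 256 bits")
    now = int(time.time()) if now is None else now
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("Bad token; expected header.payload.signature")
    header_b64, payload_b64, sig_b64 = parts
    header = json.loads(b64url_decode(header_b64))
    # The server decides the algorithm, never the token: a stripped signature ("alg":"none")
    # or a swapped algorithm is rejected before the signature is even looked at.
    if header.get("alg") != "HS256":
        raise ValueError("Bad token; invalid alg")
    expected = hmac.new(key, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64url_decode(sig_b64)):
        raise ValueError("Bad token; signature mismatch")
    payload = json.loads(b64url_decode(payload_b64))
    if "iat" in payload and payload["iat"] > now + leeway:
        raise ValueError("The JWT was issued in the future")
    if "exp" in payload and payload["exp"] <= now - leeway:
        raise ValueError("The JWT has expired")
    return payload

def check(token: str, key: bytes, now: int) -> str:
    # Return "ok" for an accepted token, otherwise the rejection reason
    try:
        verify_hs256(token, key, now=now)
        return "ok"
    except ValueError as exc:
        return str(exc)
```

A verifier that only decodes the payload (as the vote feature in the video effectively does) would accept every forged token that this one rejects.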
@neeleshneelesh7964 3 years ago
Hi, can you hack Carrom Pool gems and coins please?
@thehackerish 3 years ago
Nope, sorry!
@neeleshneelesh7964 3 years ago
Can you send me the Carrom file?
@Stas1983ful 1 year ago
Sorry, how do I add JSON Web Tokens to a request in Burp?