web345
Look at the source code to find /admin.
Take the cookie generated for /admin.
Decode it as a JWT.
The header's alg is none, so the token is not signed at all. Change user to admin and base64-encode it again.
web346
Similar to the previous challenge, but this time the token is signed.
We still need to change user to admin, but we don't know the secret key, so let's make a blind guess: 123456.
Submit the cookie and then visit /admin/
web347
Same as the previous challenge; the key is again 123456.
web348
Same front end, and the challenge description hints at brute force. Take out the cookie.
It is signed, so you still need to change user to admin, but since the key is unknown, brute-force it with a jwt cracker.
Download address: https://github.com/brendan-rius/c-jwt-cracker
The cracked key is aaab; the rest is the same procedure as above.
web349
app.js (the relevant routes; the require lines for express, jsonwebtoken and fs are implied by the snippet)
    var express = require('express');
    var router = express.Router();
    var jwt = require('jsonwebtoken');
    var fs = require('fs');

    /* GET home page: issues an RS256-signed cookie for user 'user'. */
    router.get('/', function(req, res, next) {
      res.type('html');
      var privateKey = fs.readFileSync(process.cwd()+'//public//private.key');
      var token = jwt.sign({ user: 'user' }, privateKey, { algorithm: 'RS256' });
      res.cookie('auth', token);
      res.end('where is flag?');
    });

    /* POST: verifies the cookie with the public key. jwt.verify is called
       without an algorithms option, so the token's own header decides which
       algorithm is used for verification (this is what web350 relies on). */
    router.post('/', function(req, res, next) {
      var flag = "flag_here";
      res.type('html');
      var auth = req.cookies.auth;
      var cert = fs.readFileSync(process.cwd()+'//public/public.key'); // get public key
      jwt.verify(auth, cert, function(err, decoded) {
        if (decoded.user === 'admin') {
          res.end(flag);
        } else {
          res.end('you are not admin');
        }
      });
    });

    module.exports = router;
Obtain the public and private keys by requesting /private.key and /public.key.
Then paste them into jwt.io, change user to admin, put the resulting token into the cookie, and send a POST request (with any parameter) to /.
web350
The HS256 algorithm uses a single shared key both to sign and to verify every message.
The RS256 algorithm instead uses the private key to sign the message and the public key to verify it.
If the algorithm in the header is changed from RS256 to HS256, a backend that does not pin the algorithm will take the public key it was given and use it as the HS256 secret when verifying the signature.
Since the public key is often obtainable, the attacker can set alg to HS256 and sign the token with the RSA public key as the HMAC secret.
The backend then verifies that signature with the same RSA public key under HS256, and it passes.
node script (public.key is the key downloaded in web349; it is used here as the HMAC secret)
    const jwt = require('jsonwebtoken');
    const fs = require('fs');
    var publicKey = fs.readFileSync('public.key');
    var token = jwt.sign({ user: 'admin' }, publicKey, { algorithm: 'HS256' });
    console.log(token);
Run it with node, take the printed token, and replace the cookie with it.