Burp Suite User Forum

Login to post

I can't see options of json web tokens extension

Hayyan | Last updated: Jun 27, 2022 06:18PM UTC

when i installed json web tokens extension there is just 3 options enter jwt secret key and decoded jwt no other options were given for jwt and can you tell me how to view json web tokens in proxy and repeaters etc tabs because there is no option for jwt in request views.

Hannah, PortSwigger Agent | Last updated: Jun 28, 2022 09:03AM UTC

Hi Have you had a look at any of the screenshots and notes on usage from the author's repo here: https://github.com/ozzi-/JWT4B

Hayyan | Last updated: Jun 28, 2022 11:10AM UTC

Can you help me because I can't see json web tokens view in proxy repeaters tab.

Hannah, PortSwigger Agent | Last updated: Jun 29, 2022 10:51AM UTC

The JSON Web Tokens tab will only appear on a message editor if a JWT is contained in the request/response. If you launch one of the new JWT academy labs (https://portswigger.net/web-security/jwt/lab-jwt-authentication-bypass-via-unverified-signature) and log in to the given account, you should see a JWT in your request, as well as the JSON Web Tokens extension-added tab.

You need to Log in to post a reply. Or register here, for free.