JWT authentication bypass via algorithm confusion with no exposed key

k.periyamaruthu | Last updated: Jul 10, 2024 07:20AM UTC

However hard I try, I am not able to resolve this lab, even after using multiple methods to solve it. The cookie part is working. The symmetric key, which is being created using the .PEM public key, is not working.

Ben, PortSwigger Agent | Last updated: Jul 10, 2024 05:07PM UTC

Hi, are you able to provide us with some specific details of which part of the solution is not working for you so that we can assist you further?

k.periyamaruthu | Last updated: Jul 11, 2024 06:03AM UTC

Hi, thanks for the quick response. Please find the answer to your question: "Base64 encoded x509 key:" is not working.

Ex: Base64 encoded x509 key:

Note: the cookie part is working.

k.periyamaruthu | Last updated: Jul 11, 2024 06:07AM UTC

Ex Tampered Cookie Part: Tampered JWT: eyJraWQiOiIxZjc0ZGNkNC01MTlmLTRlNDEtODQ4Yi0xYjY1NGM0MTY2MjAiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiAicG9ydHN3aWdnZXIiLCAiZXhwIjogMTcyMDY4MTQ3OCwgInN1YiI6ICJ3aWVuZXIifQ.gDP01_dYszmCXt1zyKBl1SIFJ7XtlErViq0ePGNhrOg

Ben, PortSwigger Agent | Last updated: Jul 11, 2024 08:27AM UTC

Hi, I have just run through this lab and been able to solve it using the solution provided so it is still functioning as expected. Are you able to email us at support@portswigger.net and include screenshots (or a screen recording) of every step that you are carrying out so that we can see exactly what you are doing?

k.periyamaruthu | Last updated: Jul 11, 2024 12:35PM UTC

The lab is resolved now, after trying the same steps more than 25 times :-) I have no idea what just happened. Haha.

