JWT the Hell?! How Weak Tokens Let Me Become Admin with Just a Text Editor
Summary
A hacker known as iski posted on their blog that they had gained admin access to a system simply by editing a JWT in Notepad, exposing a serious weakness in the system's security.
The journey started with a routine recon session in which they found a hardcoded JWT in a minified JavaScript file.
They then used Burp Collaborator, a tool that simulates malicious web proxies, to confirm that an attacker could intercept the JWT and replace it with their own version.
Editing the JWT in a plain text editor was enough to grant the hacker admin privileges on the Beers endpoint.
They then used that admin privilege to add themselves to the endpoint and ultimately took over the entire admin interface.
The post closes with the lesson that JWTs must be verified and short-lived, and that endpoints should be resilient to unauthorized access.
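The lesson above comes down to one server-side check. As an added example (not code from iski's post or from the affected system), the following contrasts a service that merely decodes a token's claims with one that verifies the HS256 signature and the `exp` claim before trusting them; the secret, the `role` claim and the function names are constructed for the demo.

```python
import base64, hashlib, hmac, json, time
from typing import Optional

# Constructed demo secret; a real deployment loads this from a secret store.
SECRET = b"demo-secret-do-not-use"

def _b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def mint_token(claims: dict, key: bytes = SECRET, ttl: int = 300) -> str:
    """Issue a short-lived HS256 token as header.payload.signature."""
    header = _b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64url_encode(json.dumps(dict(claims, exp=int(time.time()) + ttl)).encode())
    sig = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url_encode(sig)}"

def decode_unverified(token: str) -> dict:
    """What the vulnerable service effectively did: read the claims and trust them."""
    return json.loads(_b64url_decode(token.split(".")[1]))

def verify_token(token: str, key: bytes = SECRET, now: Optional[int] = None) -> Optional[dict]:
    """Return the claims only if the signature and expiry check out; otherwise None."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(_b64url_decode(header_b64))
        if header.get("alg") != "HS256":  # refuse 'none' and any algorithm swap
            return None
        expected = hmac.new(key, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
            return None  # payload was edited or signed with a different key
        claims = json.loads(_b64url_decode(payload_b64))
        current = now if now is not None else int(time.time())
        if not isinstance(claims.get("exp"), int) or current >= claims["exp"]:
            return None  # missing or past expiry: short-lived tokens limit replay
        return claims
    except (ValueError, KeyError, TypeError):
        return None

def edited_role_fixture(token: str, role: str) -> str:
    """Negative test fixture: rewrite the payload's role, keep the original signature."""
    header_b64, payload_b64, sig_b64 = token.split(".")
    claims = json.loads(_b64url_decode(payload_b64))
    claims["role"] = role
    return f"{header_b64}.{_b64url_encode(json.dumps(claims).encode())}.{sig_b64}"
```

Run `verify_token` on `edited_role_fixture(mint_token({"sub": "alice", "role": "user"}), "admin")`: the unverified decoder happily reports `admin`, while the verifying path returns `None`.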