GitBook: [master] one page and one asset modified

disnetclub · Feb 17, 2021 · 5c3e372 · 5c3e372
1 parent 5ebaa83
commit 5c3e372
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 1 deletion.
diff --git a/.gitbook/assets/image (435).png b/.gitbook/assets/image (435).png
diff --git a/pentesting-web/hacking-jwt-json-web-tokens.md b/pentesting-web/hacking-jwt-json-web-tokens.md
@@ -1,7 +1,25 @@
 # JWT Vulnerabilities \(Json Web Tokens\)
 
 **Part of this post was taken from:** [**https://github.com/ticarpi/jwt\_tool/wiki/Attack-Methodology**](https://github.com/ticarpi/jwt_tool/wiki/Attack-Methodology)  
-**Author of the great tool to pentest JWT** [**https://github.com/ticarpi/jwt\_tool**](https://github.com/ticarpi/jwt_tool)\*\*\*\*
+**Author of the great tool to pentest JWTs** [**https://github.com/ticarpi/jwt\_tool**](https://github.com/ticarpi/jwt_tool)
+
+## **Quick Wins**
+
+Run [**jwt\_tool**](https://github.com/ticarpi/jwt_tool) ****with mode `All Tests!` and wait for green lines
+
+```bash
+python3 jwt_tool.py -M at -t "https://api.example.com/api/v1/user/76bab5dd-9307-ab04-8123-fda81234245" -rh "Authorization: Bearer eyJhbG...<JWT Token>"
+```
+
+If you are lucky the tool will find some case where the web application is correctly checking the JWT:
+
+![](../.gitbook/assets/image%20%28435%29.png)
+
+Then, you can search the request in your proxy or dump the used JWT for that request using jwt\_ tool:
+
+```bash
+python3 jwt_tool.py -Q "jwttool_706649b802c9f5e41052062a3787b291"
+```
 
 ## Tamper data without modifying anything