JSON Web Token XV: CVE-2022-39227

This exercise covers the exploitation of a polyglot token against python_jwt (CVE-2022-39227).

PRO Tier · Difficulty: Hard · Duration: < 1 Hr. · 13
In this exercise, we delve into CVE-2022-39227, a vulnerability in the python-jwt library that allows an attacker to forge malicious tokens. The issue arises from the way the library parses both the JWS Compact Serialization and the JWS JSON Serialization formats. By converting a token from the Compact format to the JSON format, an attacker can inject malicious claims without invalidating the signature.

The vulnerability enables the creation of a token that carries a fake payload in order to impersonate an admin user. Despite being in JSON format, the token still passes validation because the signature is never rechecked against the injected claims. This exercise demonstrates the critical implications of improper token parsing and highlights the importance of robust security practices when handling JWTs.
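The defensive lesson of this class of bug is that a verifier should accept exactly one serialization format and should read claims only from the bytes it has just authenticated. The following is an added illustration of that principle, written for this page; it is not PentesterLab's exercise code and not python_jwt's implementation, and it does not reproduce the library's internal parsing. It assumes HS256 with a constructed demo key, and the token-shape regex, `TokenError` and function names are ours.

```python
import base64
import hashlib
import hmac
import json
import re

# JWS Compact Serialization: exactly three base64url segments joined by '.'.
# A JSON-serialized JWS (an object beginning with '{') can never match this.
COMPACT_RE = re.compile(r"[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+")


class TokenError(Exception):
    """Raised for any token the strict verifier refuses."""


def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(segment: str) -> bytes:
    # Re-add the padding that base64url strips; invalid input raises ValueError.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def sign_hs256(claims: dict, key: bytes) -> str:
    """Mint a compact HS256 token (issuer side)."""
    header = b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"},
                                      separators=(",", ":")).encode())
    payload = b64url_encode(json.dumps(claims, separators=(",", ":")).encode())
    signing_input = f"{header}.{payload}".encode("ascii")
    sig = hmac.new(key, signing_input, hashlib.sha256).digest()
    return f"{header}.{payload}.{b64url_encode(sig)}"


def verify_hs256_strict(token: str, key: bytes) -> dict:
    """Accept only compact tokens, verify first, then decode the verified payload."""
    # 1. Shape check before any parsing: one serialization format only.
    if not isinstance(token, str) or not COMPACT_RE.fullmatch(token):
        raise TokenError("not a JWS Compact Serialization token")
    header_b64, payload_b64, sig_b64 = token.split(".")

    # 2. Pin the algorithm; never let the token choose it.
    try:
        header = json.loads(b64url_decode(header_b64))
        signature = b64url_decode(sig_b64)
    except ValueError as exc:
        raise TokenError("malformed header or signature segment") from exc
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise TokenError("unexpected alg")

    # 3. Verify the MAC over the exact header.payload bytes received.
    signing_input = f"{header_b64}.{payload_b64}".encode("ascii")
    expected = hmac.new(key, signing_input, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, signature):
        raise TokenError("signature mismatch")

    # 4. Only now decode claims, and only from the segment that was signed.
    try:
        claims = json.loads(b64url_decode(payload_b64))
    except ValueError as exc:
        raise TokenError("malformed payload") from exc
    if not isinstance(claims, dict):
        raise TokenError("claims must be a JSON object")
    return claims


def accepts(token, key: bytes) -> bool:
    """True if the strict verifier accepts the token, False otherwise."""
    try:
        verify_hs256_strict(token, key)
        return True
    except TokenError:
        return False


if __name__ == "__main__":
    key = b"constructed-demo-key"  # constructed, not a real secret
    token = sign_hs256({"user": "alice", "admin": False}, key)
    h, p, s = token.split(".")
    # Same header and signature, re-wrapped as a flattened JSON serialization:
    # rejected at the shape check, so the claims inside are never consulted.
    flattened = json.dumps({"protected": h, "payload": p, "signature": s})
    print("compact :", accepts(token, key))      # True
    print("json    :", accepts(flattened, key))  # False
```

The ordering matters as much as the format check: the claims object returned to the application is decoded from `payload_b64` after the MAC over that same segment has been verified, so there is no second representation of the payload from which a caller could read unsigned data.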

Want to learn more? Get started with PentesterLab Pro!