Flawed Signature Verfication

Servers don't store any JWT-related information, thus, they don't know anything about its contents.

Accepting Arbitrary Signatures

JWT libraries usually provide 2 methods, one for verification and one for decoding. For example, Node.js's jsonwebtoken library has the verify() and decode() methods. If a developer only use the latter the application won't verify the signature at all.

LAB: JWT Authentication Bypass via Unverified Signature

Goal: Modify your session token to gain access /admin and then delete the user carlos.

Accepting Tokens Without Signature

The JWT header contains an alg parameter which tells the server which algorithm was used to sign the token, i.e., which alogirthm it needs to use when veryfing the signature. This is inherently flawed as it is user-controlled. JWTs can be also left unsigned using "alg":"none", aka unsecure JWT. Servers usually reject this tokens, but since this relies on string parsing, it can be obfuscated.

Even if the token is unsigned, the payload part must end with a trailing dot.

LAB: JWT Authentication Bypass via Flawed Signature Verification

Goal: Modify your session token to gain access /admin and then delete the user carlos.