
How to configure JWT security

2025-01-16 Update From: SLTechnology News&Howtos shulou


Shulou(Shulou.com)05/31 Report--

In this article the editor introduces "how to configure JWT security" in detail: the content is thorough, the steps are clear, and the details are handled properly. I hope this article can help you resolve your doubts.

There are usually two ways to authenticate users: traditional session-based authentication and token-based authentication.

Defects of traditional session authentication

In traditional session authentication, as the number of users on different clients grows, a single server can no longer carry them all, and the problems of session-based authentication are exposed. For example, server cost rises noticeably with the number of authenticated users, which limits the usefulness of load balancers in distributed applications. And because the user is identified by a cookie, users are vulnerable to cross-site request forgery if the cookie is intercepted.

Authentication Mechanism based on token

Token-based authentication is stateless, like the HTTP protocol itself: the server does not keep the user's authentication or session information. This means an application built on token authentication does not need to care which server the user logged in on, which makes the application easier to scale out.

2 Definition

JWT (JSON Web Token) is a very lightweight specification through which security information can be transmitted reliably. JWT is often used in front-end/back-end separated architectures, works well with RESTful APIs, and is frequently used to build identity authentication mechanisms.

JSON Web Token (JWT) is an open standard based on JSON (RFC 7519) for passing claims between network application environments. The token is designed to be compact and secure, and is particularly suitable for single sign-on (SSO) across distributed sites. JWT claims are generally used to carry an authenticated user's identity from the identity provider to the service provider in order to obtain resources from the resource server; additional claims needed by other business logic can also be added. The token can be used directly for authentication and can also be encrypted.

3 Composition

A JWT string consists of three parts: a header, a payload, and a signature.

The header (Header) describes the most basic information about the JWT: its type and the signature algorithm used. The JSON {"typ": "JWT", "alg": "HS256"} is base64url-encoded to form the header.

The payload (Payload) is also JSON. The official definition lists the following six registered claims (the timestamp values are left out here, as in the original):

    {
      "sub": "1",                                 // subject: the user the JWT is about
      "iss": "http://localhost:8000/auth/login",  // issuer of the JWT
      "iat": ...,                                 // issued at: when the token was issued
      "exp": ...,                                 // expires: when the token expires
      "nbf": ...,                                 // not before: the token must not be accepted before this time
      "jti": "..."                                // JWT ID: a unique identifier for the token
    }

Of course, developers can add the data they need. Base64url-encoding this JSON forms the payload.

The signature is produced by joining the two encoded strings above with a full stop ('.'), then signing the result with a key (secret) using the algorithm specified in the header; the resulting string is likewise base64url-encoded.

The three parts above are then joined with full stops to form the complete JWT token.

After all of this introduction we still do not know what a JWT is actually for. A brief look at how a JWT is verified shows how it is used.

After receiving the JWT, the server application first re-signs the header and payload with the same algorithm and the same key. If the signature it computes does not match the signature received, the content of the token has been modified by someone else, and the token must be rejected.

Analysis of JWT Security problems

Having covered the composition of JWT, our purpose is to study its security. Since JWT is an authentication mechanism, the security problem is mainly unauthorized access, that is, bypassing the authentication. Given its structure, the data (header and payload) lives entirely on the client side, and the only thing unknown to the client is the key of the signature algorithm. This leads to the following security problems.

1 Modify the algorithm to none

There are two ways to tamper with the algorithm; the first is to set the algorithm to none.

If the backend supports the none algorithm:

the alg field in the header can be changed to none, and

the signature part is removed from the JWT (leaving only header + '.' + payload + '.'), which is then submitted directly to the server.

2 Modify the algorithm from RS256 to HS256

RS256 is an asymmetric (RSA signature) algorithm; HS256 is a symmetric (HMAC) algorithm.

If the JWT function on the backend supports the RS256 algorithm and also supports the HS256 algorithm, and the public key is known, the algorithm in the header is changed to HS256; the backend then uses the public key as the HMAC key when it verifies the token.

3 Information disclosure

A JWT is transmitted base64url-encoded. The key is not visible, but the header and payload are effectively clear text: if important content is placed in the token, it can be base64-decoded and read by anyone who obtains it.

4 Brute-forcing the key

The principle is that if the key is relatively short, and the signature algorithm is known, the key can be recovered by brute force.
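The block below is an added example and is not code from the original article or from the jwtdemo project it uses. It puts the composition and verification steps of section 3 into working Python and then checks the four problem classes just listed against a hardened verifier: the server pins the algorithm (one comparison rejects both alg=none and an RS256 header rewritten to HS256), compares signatures in constant time, enforces exp and nbf, and refuses HS256 secrets shorter than 32 bytes (RFC 7518 section 3.2 requires HS256 keys of at least 256 bits). The names EXPECTED_ALG, MIN_SECRET_BYTES, sign_hs256, verify, peek_claims and demo, and the secret value, are this example's own assumptions.

```python
import base64
import hashlib
import hmac
import json
import time

# Hypothetical server-side settings for this example: the verifier pins one
# algorithm, and the signing secret must be at least 32 bytes (RFC 7518
# section 3.2 requires HS256 keys of at least 256 bits).
EXPECTED_ALG = "HS256"
MIN_SECRET_BYTES = 32


def b64url_encode(raw: bytes) -> str:
    """base64url without '=' padding, the encoding JWT uses for all three parts."""
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    """Inverse of b64url_encode; restores the padding that was stripped."""
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _json_segment(obj: dict) -> str:
    return b64url_encode(json.dumps(obj, separators=(",", ":")).encode())


def sign_hs256(claims: dict, secret: bytes) -> str:
    """Build header.payload.signature as described in the composition section."""
    if len(secret) < MIN_SECRET_BYTES:
        raise ValueError("secret too short: short secrets are what brute-force tools recover")
    signing_input = _json_segment({"typ": "JWT", "alg": "HS256"}) + "." + _json_segment(claims)
    sig = hmac.new(secret, signing_input.encode("ascii"), hashlib.sha256).digest()
    return signing_input + "." + b64url_encode(sig)


def peek_claims(token: str) -> dict:
    """Read the payload without any verification: this is the information
    disclosure point, the claims are clear text to anyone holding the token."""
    return json.loads(b64url_decode(token.split(".")[1]))


def verify(token: str, secret: bytes, now=None) -> dict:
    """Hardened verification: returns the claims, or raises ValueError."""
    parts = token.split(".")
    if len(parts) != 3 or not parts[2]:
        raise ValueError("token must have three non-empty segments")  # blocks header.payload.
    header_b64, payload_b64, sig_b64 = parts
    header = json.loads(b64url_decode(header_b64))
    # The server, not the token, decides the algorithm. One comparison rejects
    # both alg=none and a header rewritten from RS256 to HS256.
    if header.get("alg") != EXPECTED_ALG:
        raise ValueError(f"unexpected alg {header.get('alg')!r}")
    signing_input = f"{header_b64}.{payload_b64}".encode("ascii")
    expected = hmac.new(secret, signing_input, hashlib.sha256).digest()
    # Constant-time comparison so the check itself leaks no timing information.
    if not hmac.compare_digest(expected, b64url_decode(sig_b64)):
        raise ValueError("signature mismatch: header or payload was modified")
    claims = json.loads(b64url_decode(payload_b64))
    now = time.time() if now is None else now
    if "exp" in claims and now >= claims["exp"]:
        raise ValueError("token expired")
    if "nbf" in claims and now < claims["nbf"]:
        raise ValueError("token not yet valid")
    return claims


def _rejected(fn) -> bool:
    """True if fn() raises ValueError, i.e. the verifier refused the input."""
    try:
        fn()
    except ValueError:
        return True
    return False


def demo() -> dict:
    """Run the verifier against the four problem classes; every value should be True."""
    secret = b"constructed-example-secret-0123456789abcdef"  # 43 bytes, example only
    now = 1_700_000_000
    good = sign_hs256({"sub": "1", "iat": now, "exp": now + 600}, secret)
    header, payload, sig = good.split(".")
    # Inputs modelled on the problems above: an unsigned alg=none token, a header
    # rewritten to RS256, and a payload swapped after signing.
    none_token = _json_segment({"typ": "JWT", "alg": "none"}) + "." + payload + "."
    rs256_token = _json_segment({"typ": "JWT", "alg": "RS256"}) + f".{payload}.{sig}"
    swapped_token = f"{header}." + _json_segment({"sub": "admin"}) + f".{sig}"
    return {
        "valid_token_accepted": verify(good, secret, now=now)["sub"] == "1",
        "alg_none_rejected": _rejected(lambda: verify(none_token, secret, now=now)),
        "alg_confusion_rejected": _rejected(lambda: verify(rs256_token, secret, now=now)),
        "payload_readable_without_key": peek_claims(good)["sub"] == "1",
        "tampered_payload_rejected": _rejected(lambda: verify(swapped_token, secret, now=now)),
        "expired_token_rejected": _rejected(lambda: verify(good, secret, now=now + 601)),
        "short_secret_refused": _rejected(lambda: sign_hs256({"sub": "1"}, b"secret")),
    }
```

Calling demo() returns a dictionary in which every entry is True. The design choice that matters most is that verify() never reads the algorithm from the token to decide how to check it: a library that does so is exactly what problems 1 and 2 exploit. The payload_readable_without_key entry is deliberately True; it is the reminder that nothing sensitive belongs in the payload.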

Construction of the vulnerability environment

Build method

The environment I built uses PHP 7, with Composer installed.

Use the following commands directly to build the vulnerable environment:

    git clone https://github.com/Sjord/jwtdemo/
    cd jwtdemo
    composer install
    php -S 0.0.0.0:8000 -t public

Then visit

    http://127.0.0.1:8000/hs256.php

If the page loads, the environment was built successfully.

The payload is constructed as follows (Python):

    import base64

    def b64urlencode(data):
        # base64url: '+' -> '-', '/' -> '_', and no '=' padding
        return base64.b64encode(data.encode()).decode().replace('+', '-').replace('/', '_').replace('=', '')

    # header with alg set to none, then the payload, then an empty signature part
    print(b64urlencode('{"typ":"JWT","alg":"none"}') + '.' + b64urlencode('{"data":"test"}') + '.')

With the code above you can construct an arbitrary payload whose algorithm is none and thus bypass the backend check. The modification for RS256 is similar and is not discussed in detail here.

Related tools

1 JohnTheRipper

When brute-forcing a JWT key, you can use the following tool:

https://github.com/magnumripper/JohnTheRipper

The method is as follows:

    git clone https://github.com/magnumripper/JohnTheRipper
    cd JohnTheRipper/src
    ./configure
    make -s clean && make -sj4
    cd ../run
    ./john jwt.txt

2 c-jwt-cracker

A cracking tool written in C:

https://github.com/brendan-rius/c-jwt-cracker

The method of use is as follows:

    make
    make OPENSSL=/usr/local/opt/openssl/include OPENSSL_LIB=-L/usr/local/opt/openssl/lib
    ./jwtcrack eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.cAOIAifu3fykvhkHpbuhbvtH807-Z2rI1FS3vX1XMjE

Having read this far, the article "how to configure JWT security" has been introduced. If you want to master the knowledge points in this article, you still need to practise and use them yourself. If you want to learn more about related articles, please follow the industry information channel.


© 2024 shulou.com SLNews company. All rights reserved.
