[WEB] Under Construction

Can I DM anyone? I need to confirm if I am right about the vuln in workflow.

I just want to know if the manipulation of c*****e from R***6 to H***6 has something to do with the challenge!

@mrWh17e said:

I just want to know if the manipulation of c*****e from R***6 to H***6 has something to do with the challenge!

yes

Just an FYI - not too bright on my end but I wasn't using the VPN access originally for this challenge. I wasted at least a day dealing with server 500 errors which I suspect was due to traffic redirecting through safebrowsing.googleapis. Once I logged into the VPN and retraced my steps, I was able to complete this task. Tools and commands that failed originally worked through the VPN.

Having trouble with this, maybe cause it's older. Wrote my python script, stuck here:

Please don't delete

jwt.exceptions.InvalidKeyError: The specified key is an asymmetric key or x509 certificate and should not be used as an HMAC secret.

Then I found a script on Github, more or less the same as mine, seems like it was made for this challenge. It throws the same error. Digging deeper I found I would have to downgrade PyJWT to a very early version where this check hasn't been implemented. I don't want to do that. My kali is f'ed up already, I need to run most recent tools (like cme) through pyenv exec…

Gonna try changing the cert header to public now, but idk there's gotta be a way?
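Added example, not part of the post above and not code from the challenge or from PyJWT: the error quoted above guards the signing side, and this sketch shows the matching server-side defence, where the configured key type and an allow-list decide the algorithm before any signature check runs. All names, the placeholder key and the sample tokens are constructed for illustration.

```python
import base64
import json

ASYMMETRIC_ALGS = {"RS256", "RS384", "RS512", "PS256", "PS384", "PS512", "ES256", "ES384", "ES512"}
HMAC_ALGS = {"HS256", "HS384", "HS512"}
KEY_MARKERS = (b"-----BEGIN ", b"ssh-rsa ", b"ssh-ed25519 ", b"ecdsa-sha2-")
PUBLIC_KEY = b"-----BEGIN PUBLIC KEY-----\n(constructed)\n-----END PUBLIC KEY-----\n"  # placeholder, not a real key

class TokenRejected(Exception):
    """Raised before any signature check is attempted."""

def is_asymmetric_key(key: bytes) -> bool:
    """True for PEM or OpenSSH key/certificate material."""
    return key.lstrip().startswith(KEY_MARKERS)

def read_header(token: str) -> dict:
    """Decode the JOSE header without trusting anything in it."""
    parts = token.split(".")
    if len(parts) != 3:
        raise TokenRejected("token must have three segments")
    try:
        header = json.loads(base64.urlsafe_b64decode(parts[0] + "=" * (-len(parts[0]) % 4)))
    except ValueError as exc:
        raise TokenRejected("undecodable header") from exc
    if not isinstance(header, dict):
        raise TokenRejected("header is not a JSON object")
    return header

def pinned_algorithm(token: str, key: bytes, allowed: set) -> str:
    """Return the algorithm to verify with; the header is compared, never obeyed."""
    alg = read_header(token).get("alg")
    if not isinstance(alg, str) or alg not in allowed:
        raise TokenRejected(f"alg {alg!r} is not on the allow-list")
    family = ASYMMETRIC_ALGS if is_asymmetric_key(key) else HMAC_ALGS
    if alg not in family:
        raise TokenRejected(f"alg {alg} does not match the configured key type")
    return alg

def constructed_token(alg: str) -> str:
    """Build a sample token (constructed input; the signature is a dummy)."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": alg, "typ": "JWT"}), enc({"username": "demo"}), "c2ln"])

if __name__ == "__main__":
    for alg in ("RS256", "HS256", "none"):
        try:
            print(alg, "->", pinned_algorithm(constructed_token(alg), PUBLIC_KEY, {"RS256"}))
        except TokenRejected as err:
            print(alg, "-> rejected:", err)
```

The gate only selects the algorithm; the signature itself still has to be verified by a JWT library called with that single pinned algorithm.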

Anyone happy to help me a bit?
I have found the interesting bit, but my payload is somehow not giving me the results back that I'm expecting.

Please DM me.

Hello, I'm quite lost: I managed to change the S******** of the J***W******n from S***6 to H***6. Yet the server still gives an "Internal Error". When spinning up a local instance with the supplied Source-Code, the modified J***W******n is accepted, but on the remote instance it is not. Anyone have a clue? Please PM me, I have no idea on how to proceed.

@gutjuri said:

Hello, I'm quite lost: I managed to change the S******** of the J***W******n from S***6 to H***6. Yet the server still gives an "Internal Error". When spinning up a local instance with the supplied Source-Code, the modified J***W******n is accepted, but on the remote instance it is not. Anyone have a clue? Please PM me, I have no idea on how to proceed.

I passed through the same and at least in my case it turned out to be an issue when echoing the key to the file. Instead, I manually copy-pasted it into the .pem file, replaced line feed strings with actual line feeds, and then it just worked!

@daverules said:

If you get an internal error then it means the format of something is not quite right. In my case, it was that I was missing a line break at the end of something else. Hope that helps.

A missing line break was my whole problem with the JWT portion. Thanks @daverules

Learned lots of new stuff here like JWT.
There's a great python tool for jwt exploits too.

A highly relevant tool for this Challenge has some tricky syntax that doesn't always combine as might be expected. Checking the Issues list for the tool might save you a lot of time and frustration.

I'm having some trouble trying to set this node app up on docker… it keeps giving me unhandledpromiserejection error for some reason. Anyone have the same issue?

@yth123 said:

I'm having some trouble trying to set this node app up on docker… it keeps giving me unhandledpromiserejection error for some reason. Anyone have the same issue?

nvm just got it… I would say that downloading the source code and setting the app up locally and seeing how it operates also helps.

I think I need a hint here…

I've found the vector and it's working… but I can't find the right "vaccine" to make it release the flag.

Thanks!

Same here. But I'm still stuck with this. I just can't find what's going wrong. Can you help me out?

The same for me, if you find out the error please DM me.

Hi, I have been modifying the jwt, regardless of mdfy when substituting cookie value I always get Internal Server Error. Can someone pinpoint? Any hints?

Same. I am able to view/modify the jwt using jwt_tool.py and jwt.io. When I try to change the token to force HS256, and plug that into Burp Repeater, I get Internal Error. I am using a username that I registered, for what that's worth.

I'd appreciate any pointers!

jwt_tool.py was not the way to go for me (it never produced an output that worked–I also always got Internal Server Error)… I finally just solved this challenge, I'm happy to share what I learned in DM.

Hey, I spent quite some time on it and I finally got it to work.

Hint for people trying to use jwt_tools: v1.3.3

Hey dude, I really need help in Under Construction… I'm using jwt token to sql inject but it's not working, am I doing something wrong??