JWT (JSON Web Token) Support #1057
JSON Web Tokens (JWTs) are an emerging technology for authorizing users on the web.
Hashcat actually already provides functionality to crack HMAC-SHA256, but with a character limitation of the plaintext (50 characters). JSON Web Tokens tend to be much longer, though. The example on https://jwt.io/ has a plaintext length of 105 characters.
Is it possible to either:
1. Allow a wider length for the plaintext
2. Implement a dedicated JWT-Cracking mode?
1. The first part (header) of the token contains the algorithm and the type:
Encoded, this portion (header) of the token looks like this:
2. The second part (payload) contains more information such as issuing and expiration timestamps, usernames and privilege claims:
Encoded, the second part (payload) of a JWT looks like this:
3. The third part (signature) of the token is the signature, which can be built e.g. with the HMAC-SHA256 algorithm:
Encoded, the third part (signature) of a JWT looks like this:
The basic approach to crack an HMAC of this kind would be to create a hash.data file with the following contents:
Using hashcat, the following command can be used to brute-force this token:
Due to the length of the plaintext, this will throw the following error:
JWTs also use the following algorithms:
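As an added example (not part of this issue, and not hashcat or JtR code), the following Python script does offline what the issue asks hashcat to do: it splits a token into the three parts described in points 1 to 3 above, pairs the hex HMAC with the exact bytes that were signed (the hash:data layout the post describes), and recovers the shared secret by recomputing the HMAC for each candidate. It also handles HS384/HS512 and refuses tokens whose header names a non-HMAC algorithm, where guessing a secret is pointless. The payload, the secret "secret" and the candidate list are constructed here; the payload follows the jwt.io example layout, so the signing input comes out at the 105 characters the post mentions.

```python
import base64
import hashlib
import hmac
import json

# HMAC-signed JWT algorithms. RS*/ES*/PS* tokens are signed with a private key
# and cannot be recovered by guessing a shared secret.
HS_DIGESTS = {"HS256": hashlib.sha256, "HS384": hashlib.sha384, "HS512": hashlib.sha512}


def b64url_decode(s: str) -> bytes:
    """Decode base64url with the padding stripped, as JWTs encode it."""
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def b64url_encode(b: bytes) -> str:
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode("ascii")


def split_jwt(token: str):
    """Return (header dict, payload dict, raw signature bytes, signing input).

    The signing input is the literal "<header>.<payload>" text from the token:
    the HMAC is computed over those ASCII bytes, not over the decoded JSON.
    """
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected three dot-separated parts")
    h, p, s = parts
    return json.loads(b64url_decode(h)), json.loads(b64url_decode(p)), b64url_decode(s), f"{h}.{p}"


def sign_hs(signing_input: str, secret: bytes, alg: str) -> bytes:
    """HMAC over the signing input with the shared secret as the key."""
    return hmac.new(secret, signing_input.encode("ascii"), HS_DIGESTS[alg]).digest()


def make_jwt(payload: dict, secret: bytes, alg: str = "HS256") -> str:
    """Build a token the way an issuer would (used here only to construct sample data)."""
    def compact(obj):
        return b64url_encode(json.dumps(obj, separators=(",", ":")).encode("utf-8"))
    signing_input = f"{compact({'alg': alg, 'typ': 'JWT'})}.{compact(payload)}"
    return f"{signing_input}.{b64url_encode(sign_hs(signing_input, secret, alg))}"


def hashcat_hmac_line(token: str) -> str:
    """The hash:data pairing the issue describes: hex HMAC, then the exact signed text."""
    _, _, sig, signing_input = split_jwt(token)
    return f"{sig.hex()}:{signing_input}"


def crack_hs_jwt(token: str, candidates):
    """Return the first candidate secret that reproduces the signature, or None."""
    header, _, sig, signing_input = split_jwt(token)
    alg = header.get("alg")
    if alg not in HS_DIGESTS:
        raise ValueError(f"alg={alg!r} is not an HMAC algorithm; nothing to guess")
    for secret in candidates:
        if hmac.compare_digest(sign_hs(signing_input, secret.encode("utf-8"), alg), sig):
            return secret
    return None


# Constructed sample data: jwt.io-style payload, a deliberately weak secret, a short wordlist.
SAMPLE_PAYLOAD = {"sub": "1234567890", "name": "John Doe", "admin": True}
SAMPLE_TOKEN = make_jwt(SAMPLE_PAYLOAD, b"secret")
SAMPLE_TOKEN_HS512 = make_jwt(SAMPLE_PAYLOAD, b"secret", "HS512")
CANDIDATES = ["password", "123456", "changeme", "secret", "admin"]
# Constructed token whose header claims RS256 with a dummy signature; the cracker must refuse it.
NON_HMAC_TOKEN = ".".join([
    b64url_encode(b'{"alg":"RS256","typ":"JWT"}'),
    b64url_encode(b'{"sub":"x"}'),
    b64url_encode(b"\x00" * 32),
])

if __name__ == "__main__":
    _, _, _, signing_input = split_jwt(SAMPLE_TOKEN)
    print(f"signing input is {len(signing_input)} chars: {signing_input}")
    print("hash:data line:", hashcat_hmac_line(SAMPLE_TOKEN))
    print("recovered secret:", crack_hs_jwt(SAMPLE_TOKEN, CANDIDATES))
```

Two details matter when feeding such a token to a generic HMAC mode: the data half of the hash:data line has to be the base64url text itself (decoding it first changes the bytes that were signed), and its length is the header plus the payload, which is why even the jwt.io example overruns the 50-character plaintext limit the post mentions. hashcat later shipped a dedicated JWT mode (-m 16500) that loads the token string directly.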
Please add some example pairs…
On 13.02.2017 14:06, ratzrattillo wrote:
> JSON Web Tokens (JWTs) are an emerging technology for authorizing users on the web. The format of these authorization tokens is defined here: https://jwt.io/
> The algorithm used to create a token is most of the time HMAC-SHA256 (HS256).
> Hashcat actually already provides functionality to crack HMAC-SHA256, but with a character limitation of the plaintext (50 characters). JSON Web Tokens tend to be much longer, though. The example on https://jwt.io/ has a plaintext length of 105 characters.
> Is it possible to either:
> 1. Allow a wider length for the plaintext
> 2. Implement a dedicated JWT-Cracking mode?
> Best Greetings!
magnumripper/JohnTheRipper#2318 is the longest sample I've seen. After that we use 5 MD blocks (311 bytes) for SHA-256 but we're apparently still at 2 blocks (239 bytes) for SHA-384/512.
I can't recall what plaintext that sample had but it was cracked immediately so probably something like "secret"...
I tried cracking a JWT using JTR-Jumbo and it worked quite well.
Even if this works, I would be interested in seeing this feature in Hashcat, as JWTs are getting more important as an authorization mechanism on the web day by day ;)
I'm about to add this hash-mode to hashcat finally. One question for @ratzrattillo: the hash line you posted
Where did you get it from initially? I guess this data must have been sniffed from the wire somehow? I'm asking because I'd like to stick to the original output as closely as possible, so that no tool (like jwt2john) is needed and hashcat can load it directly. However, if this is just some data you've collected manually, this wouldn't make sense, thus I'm asking.