Products

Pricing

Test Library

Solutions

Resources

See docs

Start free

Test Library

JWT Failed to verify Signature

Since server is not validating the JWT signature the attacker can tamper with the payload of JWT and access protected resources

Broken User Authentication (BUA)

"The endpoint appears to be vulnerable to broken authentication attack.The original request was replayed by changing the valid signature of JWT to invalid signature. The server responded with 2XX success codes. This indicates that this endpoint can be accessed with an invalid JWT signature as the developer has failed to properly verify the signature with every request.<br><br>" "<b>Background:</b> The JSON Web Token specification provides several ways for developers to digitally sign payload claims. This ensures data integrity and robust user authentication. However, some servers fail to properly verify the signature, which can result in them accepting tokens with invalid signatures."

"The endpoint appears to be vulnerable to broken authentication attack.The original request was replayed by changing the valid signature of JWT to invalid signature. The server responded with 2XX success codes. This indicates that this endpoint can be accessed with an invalid JWT signature as the developer has failed to properly verify the signature with every request.<br><br>" "<b>Background:</b> The JSON Web Token specification provides several ways for developers to digitally sign payload claims. This ensures data integrity and robust user authentication. However, some servers fail to properly verify the signature, which can result in them accepting tokens with invalid signatures."

Impact of the vulnerability

Impact of the vulnerability

"Using this vulnerability an attacker can do a full account takeover. <br><br>" "They can also exploit this vulnerability by supplying an arbitrary claim in the JWT payload to escalate their privileges or impersonate other users. For example, if the token contains a \"username\": \"joe\" claim, they could change this to \"username\": \"admin\"."

"Using this vulnerability an attacker can do a full account takeover. <br><br>" "They can also exploit this vulnerability by supplying an arbitrary claim in the JWT payload to escalate their privileges or impersonate other users. For example, if the token contains a \"username\": \"joe\" claim, they could change this to \"username\": \"admin\"."

How this template works

APIs Selection

The template uses API selection filters to specify the criteria for selecting the requests to be executed. In this case, it filters requests based on the response code being between 200 and 299, and also checks if the request headers contain a JWT (JSON Web Token).

Execute request

The template uses the "execute" section to define the type of request to be executed. In this case, it is a single request. It also specifies that the authentication header should be replaced with an invalid signature token, which is obtained from the "auth_context.invalid_signature_token" variable.

Validation

The template uses the "validate" section to define the criteria for validating the response. In this case, it checks if the response code is between 200 and 299, indicating a successful request.

Frequently asked questions

What is the purpose of the "JWT_INVALID_SIGNATURE" category in this test

How does the server respond when an invalid JWT signature is provided

What is the impact of exploiting the JWT_INVALID_SIGNATURE vulnerability

What is the "NO_AUTH" category in this test

What are some tags associated with this test

Can you provide some references for further reading on the JWT_INVALID_SIGNATURE vulnerability

Loved by security teams!

Loved by security teams!

Product Hunt Badge

"We are absolutely thrilled with the testing feature of Akto. We have used it on our graphQL endpoints and it performs flawlessly identifying common API security issues. It's truly a game-changer and we highly recommend Akto to anyone looking to effortlessly secure their API endpoints. With a user-friendly interface, it's the perfect solution for anyone looking to embrace custom rules with context to reduce false positives."

Security team,

Loom

"We are absolutely thrilled with the testing feature of Akto. We have used it on our graphQL endpoints and it performs flawlessly identifying common API security issues. It's truly a game-changer and we highly recommend Akto to anyone looking to effortlessly secure their API endpoints. With a user-friendly interface, it's the perfect solution for anyone looking to embrace custom rules with context to reduce false positives."

Security team,

Loom

"The text editor in Akto is absolutely remarkable. Its user-friendly YAML format strikes the perfect balance between simplicity and power. With intuitive features like 'API selection filter', 'Execute', Validate' creating test rules becomes incredibly easy. Akto's test editor is a game-changer, enabling seamless creation of highly personalized and effective tests that could meet the needs of any modern day organization. "

Security team,

Rippling

Explore other tests

JWT authentication bypass via jku header injection

CSRF Login attack

JWT None Algorithm

Broken Authentication by removing auth token

CSRF test by removing csrf token

CSRF test by replacing with invalid csrf token

Learn more:

API security tests

5 min read

How to test JWT NONE Algorithm vulnerability?

OWASP top 10

10 min read

What's changed in OWASP API Security Top 10 2023 Release Candidate from 2019?

Suggest API security tests

Suggest API security tests

We're actively building the test library. Suggest a test! If we like your suggestion, you will see it in the library in few days.

We're actively building the test library. Suggest a test! If we like your suggestion, you will see it in the library in few days.