Lab 09 Using Components With Known Vulnerabilities - Muamaidbengt/juice-shop GitHub Wiki

Using Components With Known Vulnerabilities

After you've logged in to the Juice Shop, it uses JSON Web Tokens (JWTs) to authenticate any subsequent requests. A token consists of 3 separate parts. First is the header, which describes the token, most importantly the signing algorithm (alg). After the header, the payload typically contains a unique identifier for your session, along with various other information that pertains to you as a user of the site but isn't secret; the payload is only encoded, not encrypted, so anyone holding the token can read it. The last part is the cryptographic signature, created by the issuer (in this case, the Juice Shop) over the first two parts. Ideally, when a system utilizes JWTs it should verify the signature with the key of a trusted issuer and completely disregard any token whose signature is missing or invalid. The three parts are Base64Url-encoded (standard Base64 with - and _ in place of + and /, and without the trailing = padding) and separated by dots (.), so the structure is <header>.<payload>.<signature>.

Knowing that the shop uses JWTs is useful, since there might be known vulnerabilities in the library that creates and verifies them. Let's see if the Juice Shop's JWT component has one: specifically, whether its verifier honours the alg value in the token's own header, and therefore accepts a token that claims alg none and carries no signature at all.

Challenge "Forge an essentially unsigned JWT token"

Inspect an authentic JWT

  1. You'll need 3 browser windows open simultaneously for this lab.
  2. Log in to the Juice Shop as any user.
  3. Use the developer tools of your web browser to check for any cookies used by the site.
  4. Notice there's a cookie named token. Copy the value of it.
  5. Go to jwt.io and paste the token into the left-hand side. Notice how the decoded header and payload appear on the right-hand side, and that jwt.io reports the signature as invalid. That is expected: jwt.io doesn't have the shop's secret key, so it cannot verify the signature. Will the site still accept a token without any signature at all? Let's find out.

Create a JWT header without signature

  1. Go to base64encode.org and create a header that indicates that the JWT contains no signature by entering
{
  "alg": "none",
  "typ": "JWT"
}
  2. Copy the resulting Base64-encoded text into a new text file.
  3. Remove any trailing = characters (they are just padding, which Base64Url omits). If the output contains + or / characters, replace them with - and _ respectively, since a JWT uses the URL-safe alphabet.
  4. Enter a single dot (.) after the text, indicating that the JWT payload part begins.

Create the forged JWT payload

  1. From the decoded token in jwt.io, copy the payload into base64encode.org.
  2. Change the email address to [email protected] and the id to a different integer.
  3. Copy the resulting Base64-encoded text and insert it after the dot in your text file.
  4. Remove any trailing = characters (and, as before, swap any + or / for - and _).
  5. Add a new dot after the text, indicating that the JWT signature part begins, but leave the signature part empty.
  6. You now have a complete (but unsigned) JWT. Since it is unsigned, it ends immediately after the 2nd dot (.).

Use the forged JWT to authenticate to the site

  1. In the developer tools for the Juice Shop, replace the value of the token cookie with your forged JWT. If the shop also keeps a copy of the token in browser storage (e.g. localStorage) for use in the Authorization header, replace that copy as well, otherwise API calls will keep sending the original token.
  2. Reload the page.
  3. Check if you have access to content that requires an authenticated user (e.g. by adding an item to the cart).

Questions

  • What is the risk to the Juice Shop in this scenario?
  • What is the risk to a general Web app in this type of scenario?

Recommended reading
