Comment on page

JWTs and JSON

Manipulating JWTs
1.Paste the token into jwt.io
2.Replace the "alg" value with "none" in header. (try the alg header variations such as "none", "None", "nOnE", "NONE".)
3.Replace arbitrary values of the payload e.g. "username" with "admin".
4.Empty the signature field
If the error "Invalid Signature" occured, we can manually create Base64 value for each section (remove the "=" symbol). If you want to empty the signature field manually, you can delete the final section.
5.Now copy the JWT. 
6.Go to the website and replace the original JWT with the new one in HTTP header.
Changing Expiration
During JWT testing, you should try to modify the "exp" value:
"exp": 1679156071 -> 991679156071
JQ Queries
Command
Description
cat vulnapp.json | jq '.Servers[]' 
Retrieve the top level object (Servers array element)
cat vulnapp.json | jq '.Servers[].Instances'
Access an object within an array using dot notation
cat vulnapp.json | jq '.Servers[].Instances[]ServerType'
Access an individual object deeper within an array
Quietly download a list of ip ranges, use jq tp parse through the file, sort the data, and output the results to a text file
wget -qO https://ip-ranges.cloudvendor.com/ip-ranges.json | jq '.prefxes[] | if .region == "country-region-1" then ip_prefixes else empty end' -r | sort -u > country-region-range.txt

Command	Description
`cat vulnapp.json \| jq '.Servers[]'`	Retrieve the top level object (Servers array element)
`cat vulnapp.json \| jq '.Servers[].Instances'`	Access an object within an array using dot notation
`cat vulnapp.json \| jq '.Servers[].Instances[]ServerType'`	Access an individual object deeper within an array

Noteworthy Technical Content

Next - Field Notes

SAST/SCA

Last modified 4mo ago