JWT Vulnerabilities: alg=none & Key Confusion
Exploit and fix the most common JWT security mistakes.
JWT Attack Surface
JWTs are cryptographically signed but many libraries had severe vulnerabilities. The most exploited: the alg=none attack, the RS256→HS256 confusion attack, and weak secret brute-forcing. All stem from trusting attacker-controlled header fields.
alg=none Attack
The JWT spec allows alg:"none" for unsecured tokens. Buggy libraries accepted this and skipped signature verification entirely. An attacker modifies the payload (e.g., "role":"admin"), sets alg:"none", strips the signature, and the server accepts it.
All lessons in this course
- JWT Anatomy: Header, Payload, Signature
- HS256 vs RS256: Symmetric vs Asymmetric JWTs
- JWT Vulnerabilities: alg=none & Key Confusion
- Secure JWT Implementation Best Practices