As we can see, we have a website that contains a JWT.

Now let’s try to log in.

Now hit login.

As we can see, we are logged in with the username wiener, so now let’s intercept the request in Burp Suite.

The JWT Editor has marked this request because it contains a JWT, so let’s send it to Repeater.

As we can see, the token has a sub value which contains the username that we are currently logged in with.
The previous techniques will not work here, but notice the algorithm:

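The algorithm is HS256, a symmetric HMAC-SHA256 scheme in which the same secret both signs and verifies the token. That makes it weak whenever the secret is guessable, because we can brute-force the secret offline against a captured token.
So let’s copy the JWT and save it to a file on our Kali machine.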

Now let’s try to crack the key with john:
john jwt.txt --wordlist=crackme.txt

As we can see, john cracked it and we got the key, so now let’s base64-encode the value.
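
To see why the wordlist run succeeds, and how to check your own HS256 secret before deploying it, here is an added example that is not part of the original writeup. The function names, the sample wordlist and the secret `changeme` are constructed for illustration and are not the lab's values; the 32-byte minimum comes from RFC 7518, which requires an HS256 key at least as long as the hash output.

```python
import base64, hashlib, hmac, json, secrets

def b64url(data: bytes) -> str:
    """Base64url without padding, as used in compact JWTs."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def sign_hs256(claims: dict, secret: bytes) -> str:
    """Build a compact HS256 JWT: header.payload.signature."""
    header = {"alg": "HS256", "typ": "JWT"}
    signing_input = ".".join(
        b64url(json.dumps(part, separators=(",", ":")).encode())
        for part in (header, claims)
    )
    mac = hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + b64url(mac)

def secret_matches(token: str, candidate: bytes) -> bool:
    """True if `candidate` reproduces the token's signature.
    No server is involved: this is what makes the check offline."""
    signing_input, _, sig = token.rpartition(".")
    mac = hmac.new(candidate, signing_input.encode(), hashlib.sha256).digest()
    return hmac.compare_digest(b64url(mac), sig)

def audit_secret(token: str, secret: bytes, wordlist: list) -> list:
    """Return the reasons this HS256 secret should be rotated."""
    findings = []
    if len(secret) < 32:
        findings.append("secret shorter than 32 bytes (RFC 7518 minimum)")
    if any(secret_matches(token, word.encode()) for word in wordlist):
        findings.append("secret is in the wordlist; signature verifies offline")
    return findings

# Constructed sample data, not taken from the lab.
WORDLIST = ["password", "letmein", "changeme", "hunter2"]
CLAIMS = {"sub": "wiener"}
WEAK_SECRET = b"changeme"
STRONG_SECRET = secrets.token_bytes(32)  # 256 random bits from the OS CSPRNG

if __name__ == "__main__":
    for label, secret in (("weak", WEAK_SECRET), ("strong", STRONG_SECRET)):
        token = sign_hs256(CLAIMS, secret)
        print(label, audit_secret(token, secret, WORDLIST) or "no findings")
```

A secret generated with `secrets.token_bytes(32)` passes both checks, while any secret that appears in a wordlist fails no matter how the rest of the JWT handling is implemented.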