owasp-zap-jwt-addon icon indicating copy to clipboard operation
owasp-zap-jwt-addon copied to clipboard

Published 20 hours ago verified publisher icon SasanLabs

Adding Attack vector for finding vulnerabilities related to JWE

Open preetkaran20 opened this issue 3 years ago • 3 comments

Is your feature request related to a problem? Please describe.

We have currently only handing JWS but we have not handled JWE so under this enhancement we are looking to add:

  1. Analysing Vulnerabilities related to JWE by going through various blogs, bug bounties, other scanner add-on's
  2. Implement the Attack vectors
  3. Adding the Vulnerable code in https://github.com/SasanLabs/VulnerableApp/blob/master/src/main/java/org/sasanlabs/service/vulnerability/jwt/JWTVulnerability.java so that we can test the attack vectors.
  4. Add a design document regarding the same.

Code References Attack vectors: https://github.com/SasanLabs/owasp-zap-jwt-addon/tree/master/src/main/java/org/zaproxy/zap/extension/jwt/attacks Adding Support for parsing JWE: https://github.com/SasanLabs/owasp-zap-jwt-addon/blob/ec58672c0951a23cf4544fd0e41b72eb9328a78d/src/main/java/org/zaproxy/zap/extension/jwt/utils/JWTUtils.java#L139 Fuzzer code: https://github.com/SasanLabs/owasp-zap-jwt-addon/blob/master/src/main/java/org/zaproxy/zap/extension/jwt/fuzzer/ui/JWTFuzzPanelView.java Scan Rule code: https://github.com/SasanLabs/owasp-zap-jwt-addon/blob/master/src/main/java/org/zaproxy/zap/extension/jwt/JWTActiveScanRule.java

Testing the changes build the addon by running

  1. ./gradlew spotlessApply
  2. ./gradlew build Then go to the ZAP -> File -> Local addon file -> Navigate to project -> build -> bin -> jwt*.zap and done.

preetkaran20 avatar Oct 07 '20 14:10 preetkaran20