JWT security

Good enough?

1. Get content using JWT

6. Return Data

WebEndpoint

2. Download Data

5. Azure Send Data

Authenticated User

enter

WebApp

JWT Security

File size 20Mb

20Mb

20Mb

Azure

JWT

MITM

1. Request all the endpoints using JWT

6. Return Data

WebEndpoint

2. Download Data

5. Azure Send Data

Copied JWT Token

Normal approach

File size 20Mb

20Mb

20Mb

Azure

1. Get content

6. Redirect to temporary URL link

WebEndpoint

2. Request URL link file

5. Return temporary URL link

Let's Hack it

7. Download data directly

Authenticated User

enter

WebApp

1.7Mb

Gzip File size

1.7Mb

Azure

deck

By Jesús Estévez
