JWT 原理与漏洞深度解析及攻防实战<\/h1>

一、JWT 原理详解<\/h2>

1. JWT 结构<\/h3>

JWT (JSON Web Token) 由三部分组成，以 .<\/code> 分隔：<\/p>



Header<\/strong>：声明算法(alg<\/code>)和类型(typ<\/code>)，例如：<\/p>
{
<\/span><\/span>  "alg"<\/span>: "HS256"<\/span>,
<\/span><\/span>  "typ"<\/span>: "JWT"<\/span>
<\/span><\/span>}
<\/span><\/span><\/code><\/pre><\/li>

Payload<\/strong>：存储用户身份和权限信息，例如：<\/p>
{
<\/span><\/span>  "sub"<\/span>: "1234567890"<\/span>,
<\/span><\/span>  "name"<\/span>: "John Doe"<\/span>,
<\/span><\/span>  "admin"<\/span>: true<\/span>
<\/span><\/span>}
<\/span><\/span><\/code><\/pre><\/li>

Signature<\/strong>：对Header和Payload的签名，防止篡改。<\/p>
<\/li>
<\/ul>
签名生成逻辑 (以HS256为例)：<\/h4>
signature = HMACSHA256(
  base64UrlEncode(header) + "." + 
  base64UrlEncode(payload), 
  secret_key
)
<\/code><\/pre>
最终 Token 格式：<\/h4>
base64(Header).base64(Payload).base64(Signature)
<\/code><\/pre>
2. JWT 工作流程<\/h3>

用户登录<\/strong>：客户端发送凭证(如用户名\/密码)<\/li>
服务端生成 JWT<\/strong>：验证成功后返回签名的 Token<\/li>
客户端存储<\/strong>：通常存储在 Cookie 或 LocalStorage<\/li>
后续请求<\/strong>：客户端携带 Token，服务端验证签名和有效期<\/li>
<\/ol>
二、JWT 漏洞场景深度剖析<\/h2>
1. 敏感信息泄露<\/h3>
漏洞原理<\/h4>
JWT 的 Payload 仅通过 Base64 编码，未加密<\/strong>。若开发者将敏感数据(如密码、密钥、手机号)存入 Payload，攻击者可轻易解码获取信息。<\/p>
实际案例<\/h4>
某电商平台将用户地址和手机号明文存入 JWT，攻击者通过解码 Token 获取用户隐私数据。<\/p>
代码示例(错误 vs 正确)<\/h4>
# 错误:明文存储手机号<\/span>
<\/span><\/span>payload =<\/span> {"user"<\/span>: "admin"<\/span>, "phone"<\/span>: "13800138000"<\/span>}
<\/span><\/span>
<\/span><\/span># 正确:仅存储必要标识<\/span>
<\/span><\/span>payload =<\/span> {"user_id"<\/span>: "a3f8b"<\/span>, "role"<\/span>: "user"<\/span>}  # 使用无意义 UUID 替代敏感字段<\/span>
<\/span><\/span><\/code><\/pre>利用方式<\/h4>
使用浏览器开发者工具或在线解码工具(如 jwt.io)直接读取 Payload:<\/p>
echo "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwaG9uZSI6IjEzODAwMTM4MDAwIn0"<\/span> | base64 -d
<\/span><\/span># 输出:{"phone":"13800138000"}<\/span>
<\/span><\/span><\/code><\/pre>防御方案<\/h4>

最小化 Payload 内容，避免存储敏感数据<\/li>
对必要敏感字段加密(如AES)后再存入 Payload<\/li>
<\/ul>
2. 接受任意签名(alg: none 攻击)<\/h3>
漏洞原理<\/h4>
当服务端未强制校验签名算法时，攻击者可篡改 Header 的 alg<\/code> 为 none<\/code>，绕过签名验证。<\/p>
攻击步骤<\/h4>

截获合法 Token: header.payload.signature<\/code><\/li>
修改 Header 为 {"alg":"none","typ":"JWT"}<\/code><\/li>
删除 Signature，构造新 Token: malicious_header.payload.<\/code><\/li>
发送给服务端，若验证通过则攻击成功<\/li>
<\/ol>
代码示例(服务端漏洞代码)<\/h4>
# 错误:未限制算法类型<\/span>
<\/span><\/span>def<\/span> decode_token<\/span>(token):
<\/span><\/span>    return<\/span> jwt.<\/span>decode(token, key=<\/span>"secret"<\/span>, algorithms=<\/span>None<\/span>)  # 允许所有算法<\/span>
<\/span><\/span><\/code><\/pre>利用工具<\/h4>
使用 Burp Suite 的 Repeater 模块修改请求头，或手动生成 Token:<\/p>
import<\/span> base64
<\/span><\/span>header =<\/span> base64.<\/span>urlsafe_b64encode(b<\/span>'{"alg":"none","typ":"JWT"}'<\/span>).<\/span>decode().<\/span>strip("="<\/span>)
<\/span><\/span>payload =<\/span> base64.<\/span>urlsafe_b64encode(b<\/span>'{"user":"admin"}'<\/span>).<\/span>decode().<\/span>strip("="<\/span>)
<\/span><\/span>fake_token =<\/span> f<\/span>"<\/span>{<\/span>header}<\/span>.<\/span>{<\/span>payload}<\/span>."<\/span>
<\/span><\/span><\/code><\/pre>防御方案<\/h4>

强制指定允许的算法列表<\/li>
拒绝 alg: none<\/code> 的 Token<\/li>
示例安全代码:
jwt.<\/span>decode(token, key=<\/span>"secret"<\/span>, algorithms=<\/span>["HS256"<\/span>])  # 明确指定算法<\/span>
<\/span><\/span><\/code><\/pre><\/li>
<\/ul>
3. 弱密钥攻击<\/h3>
漏洞原理<\/h4>
当使用弱密钥(如"secret"、"123456")时，攻击者可暴力破解签名密钥。<\/p>
实际案例<\/h4>
某系统使用默认密钥"secret"，攻击者通过字典攻击获取密钥后伪造任意 Token。<\/p>
利用工具<\/h4>

hashcat: hashcat -m 16500 jwt.txt wordlist.txt<\/code><\/li>
jwt_tool: python3 jwt_tool.py -C -t <token> -d wordlist.txt<\/code><\/li>
<\/ul>
防御方案<\/h4>

使用强随机密钥(至少32字节)<\/li>
定期轮换密钥<\/li>
使用非对称加密算法(如RS256)<\/li>
<\/ul>
4. 签名验证缺失<\/h3>
漏洞原理<\/h4>
服务端未验证 Token 签名，仅解码 Payload 就信任其内容。<\/p>
代码示例(漏洞代码)<\/h4>
# 错误:未验证签名<\/span>
<\/span><\/span>def<\/span> get_user<\/span>(token):
<\/span><\/span>    payload =<\/span> jwt.<\/span>decode(token, verify=<\/span>False<\/span>)  # 关闭验证<\/span>
<\/span><\/span>    return<\/span> payload.<\/span>get("user"<\/span>)
<\/span><\/span><\/code><\/pre>防御方案<\/h4>

始终验证签名<\/li>
示例安全代码:
jwt.<\/span>decode(token, key=<\/span>"secret"<\/span>, algorithms=<\/span>["HS256"<\/span>], verify=<\/span>True<\/span>)
<\/span><\/span><\/code><\/pre><\/li>
<\/ul>
三、JWT 安全最佳实践<\/h2>

最小化 Payload<\/strong>：仅存储必要标识信息<\/li>
强制算法验证<\/strong>：明确指定允许的算法列表<\/li>
使用强密钥<\/strong>：避免默认或弱密钥<\/li>
设置合理有效期<\/strong>：使用 exp<\/code> 声明过期时间<\/li>
HTTPS 传输<\/strong>：防止 Token 被窃听<\/li>
安全存储<\/strong>：避免 XSS 导致 Token 泄露<\/li>
黑名单机制<\/strong>：对已注销 Token 进行管理<\/li>
<\/ol>
四、JWT 安全配置示例<\/h2>
安全生成 Token (Python)<\/h3>
import<\/span> jwt
<\/span><\/span>import<\/span> datetime
<\/span><\/span>
<\/span><\/span># 使用强密钥<\/span>
<\/span><\/span>SECRET_KEY =<\/span> "a_very_long_and_random_secret_key_here"<\/span>
<\/span><\/span>
<\/span><\/span>def<\/span> create_token<\/span>(user_id):
<\/span><\/span>    payload =<\/span> {
<\/span><\/span>        "user_id"<\/span>: user_id,  # 仅存储必要标识<\/span>
<\/span><\/span>        "exp"<\/span>: datetime.<\/span>datetime.<\/span>utcnow() +<\/span> datetime.<\/span>timedelta(hours=<\/span>1<\/span>),  # 1小时后过期<\/span>
<\/span><\/span>        "iat"<\/span>: datetime.<\/span>datetime.<\/span>utcnow()  # 签发时间<\/span>
<\/span><\/span>    }
<\/span><\/span>    return<\/span> jwt.<\/span>encode(payload, SECRET_KEY, algorithm=<\/span>"HS256"<\/span>)
<\/span><\/span><\/code><\/pre>安全验证 Token (Python)<\/h3>
def<\/span> verify_token<\/span>(token):
<\/span><\/span>    try<\/span>:
<\/span><\/span>        # 明确指定算法，强制验证签名和过期时间<\/span>
<\/span><\/span>        payload =<\/span> jwt.<\/span>decode(
<\/span><\/span>            token, 
<\/span><\/span>            SECRET_KEY, 
<\/span><\/span>            algorithms=<\/span>["HS256"<\/span>],
<\/span><\/span>            options=<\/span>{"verify_exp"<\/span>: True<\/span>}
<\/span><\/span>        )
<\/span><\/span>        return<\/span> payload
<\/span><\/span>    except<\/span> jwt.<\/span>ExpiredSignatureError:
<\/span><\/span>        raise<\/span> Exception<\/span>("Token expired"<\/span>)
<\/span><\/span>    except<\/span> jwt.<\/span>InvalidTokenError:
<\/span><\/span>        raise<\/span> Exception<\/span>("Invalid token"<\/span>)
<\/span><\/span><\/code><\/pre>五、总结<\/h2>
JWT 是一种强大的身份验证机制，但错误实现会导致严重安全漏洞。开发者必须：<\/p>

理解 JWT 的工作原理<\/li>
识别常见漏洞模式<\/li>
实施安全最佳实践<\/li>
定期审计现有实现<\/li>
<\/ol>
通过正确配置和安全编码，可以充分发挥 JWT 的优势，同时避免潜在的安全风险。<\/p>

JWT 原理与漏洞深度解析及攻防实战<\/h1>

一、JWT 原理详解<\/h2>

二、JWT 漏洞场景深度剖析<\/h2>

1. 敏感信息泄露<\/h3>

漏洞原理<\/h4> JWT 的 Payload 仅通过 Base64 编码，未加密<\/strong>。若开发者将敏感数据(如密码、密钥、手机号)存入 Payload，攻击者可轻易解码获取信息。<\/p>

2. 接受任意签名(alg: none 攻击)<\/h3>

漏洞原理<\/h4> 当服务端未强制校验签名算法时，攻击者可篡改 Header 的 alg<\/code> 为 none<\/code>，绕过签名验证。<\/p>

3. 弱密钥攻击<\/h3>

漏洞原理<\/h4> 当使用弱密钥(如"secret"、"123456")时，攻击者可暴力破解签名密钥。<\/p>

实际案例<\/h4> 某系统使用默认密钥"secret"，攻击者通过字典攻击获取密钥后伪造任意 Token。<\/p>

4. 签名验证缺失<\/h3>

漏洞原理<\/h4> 服务端未验证 Token 签名，仅解码 Payload 就信任其内容。<\/p>

四、JWT 安全配置示例<\/h2>

漏洞原理<\/h4>
JWT 的 Payload 仅通过 Base64 编码，未加密<\/strong>。若开发者将敏感数据(如密码、密钥、手机号)存入 Payload，攻击者可轻易解码获取信息。<\/p>

漏洞原理<\/h4>
当服务端未强制校验签名算法时，攻击者可篡改 Header 的 `alg<\/code> 为 none<\/code>，绕过签名验证。<\/p>`

漏洞原理<\/h4>
当使用弱密钥(如"secret"、"123456")时，攻击者可暴力破解签名密钥。<\/p>

实际案例<\/h4>
某系统使用默认密钥"secret"，攻击者通过字典攻击获取密钥后伪造任意 Token。<\/p>

漏洞原理<\/h4>
服务端未验证 Token 签名，仅解码 Payload 就信任其内容。<\/p>