Tag: jwt

All the articles with the tag "jwt".

WriteUp Token Of Love - TheHackersLabs
Writeup narrating the exploitation in "Token Of Love," where a hidden clue in IPFS is deciphered to obtain the private key and manipulate the JWT. Vulnerabilities in Node.js are exploited to achieve RCE, and by using sudo with tee and a vulnerability in rsync wildcards, privilege escalation to root is achieved.

WriteUp Token Of Love - TheHackersLabs