LEVEL: BEGINNER
OP: JWT-TOKEN
[ API AUDIT ]
JWT tokens are used to maintain sessions in modern apps. They usually consist of 3 parts separated by dots. The middle part (payload) is in Base64 and contains user data.
Objective: Extract and decode the payload (the middle part) of this intercepted token to steal the flag.
JWT tokens are used to maintain sessions in modern apps. They usually consist of 3 parts separated by dots. The middle part (payload) is in Base64 and contains user data.
Objective: Extract and decode the payload (the middle part) of this intercepted token to steal the flag.
eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0.eyJzdWIiOiIxMjM0NTY3ODkwIiwicm9sZSI6InVzZXIiLCJmbGFnIjoiRkxBR3tqd3RfcDR5bDA0ZF8zeHAwczNkfSIsImlhdCI6MTUxNjIzOTAyMn0.
Hint: Use the JWT decoding tool from your top panel.
submit OP-JWT-TOKEN FLAG{...}