Lin-cms-Spring-Boot default JWT Key
This vulnerability can cause an attacker to construct a custom session, which can be an administrator session.
The Lin-cms-Spring-Boot project default JWT Key is Hard coded In the project config file.
After a lot of testing，I found many websites use it(default jwt key).
In addition, the site's login verification is weak so that it can be bypassed.
In the project，admin's id(identify) is 1.
So，we can use it generate administrator session attack the website get the administrator privilege.
Similarly, we can run an Admin session in the local setup and use it to attack because they all use the same JWT Key, but this approach is time-limited.
本文系作者 @孤独常伴 原创发布在 L0ne1y。未经许可，禁止转载。