Novel-Plus default JWT Key
This vulnerability can cause an attacker to construct a custom session, which can be every user session.
The novel-plus project default JWT Key is Hard coded In the project config file.
After a lot of testing，I found many websites use it(default jwt key).In addition, the site's login verification is weak so that it can be bypassed.Such as the backend API.
So，we can use it generate every user session attack the website get the other user permissions or information.
Similarly, we can run an Admin session in the local setup and use it to attack because they all use the same JWT Key, but this approach is time-limited.
本文系作者 @孤独常伴 原创发布在 L0ne1y。未经许可，禁止转载。