Please provide some hints.
There is an issue with the JWT payload: an unknown error redirects to the logout page.
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VybmFtZSI6ImFkbWluIiwiaWF0IjoxNjk1MTI3NjQ5fQ.zB-h42XgbiotIK8j00ZuTvdM69lgjQH04wmCsrap2kM
I created this final payload using a JWT tool.
The source code is as follows:
Middleware.js
const JWTHelper = require('../helpers/JWTHelper');
// Authentication middleware: requires a `session` cookie carrying a JWT, verifies it through
// JWTHelper, and exposes the decoded payload as req.user before the route handler runs.
// NOTE(review): the closing of the `try` block (and its catch) is not part of the posted excerpt.
module.exports = async (req, res, next) => {
try{
if (req.cookies.session === undefined) {
// No session cookie: requests without a JSON content type are sent to the login page,
// JSON API clients get a 401 instead of a redirect.
if(!req.is('application/json')) return res.redirect('/');
return res.status(401).json({ status: 'unauthorized', message: 'Authentication expired, please login again!' });
}
return JWTHelper.verify(req.cookies.session)
.then(user => {
// Whatever verify() resolves with becomes req.user unvalidated; downstream routes read
// req.user.username, so the issuer is assumed to always set that claim — TODO confirm.
req.user = user;
next();
})
.catch(() => {
// Every rejection from verify() lands here and the reason is discarded: there is no
// server-side log of why a token was rejected, which makes failures indistinguishable.
res.redirect('/logout');
});
JWTHelper.js
// Verifies a session token against the shared secret and resolves with its decoded payload;
// because the method is async, a throw from jwt.verify surfaces as a rejected promise.
// NOTE(review): if `jwt` is the jsonwebtoken package, the verify() option that pins the
// accepted algorithms is `algorithms` (plural, an array such as ['HS256']); a singular
// `algorithm` key is not a documented verify option — confirm against the installed version
// and pin the allowed list explicitly.
// NOTE(review): nothing here checks that process.env.JWT_SECRET is set — TODO confirm it is
// validated at startup.
// (The method's closing brace is not part of the posted excerpt.)
async verify(token) {
return jwt.verify(token, process.env.JWT_SECRET, {
algorithm: 'HS256'
});
index.js
// GET /admin — authorization rests solely on the `username` claim of the verified JWT:
// only the string 'admin' may view the page, everyone else is sent to /dashboard.
// /readflag is executed with a fixed command line (no request data reaches it); its
// output is rendered into admin.html for the admin user.
router.get('/admin', AuthMiddleware, async (req, res) => {
  const { username } = req.user;
  const isAdmin = username === 'admin';
  if (!isAdmin) {
    return res.redirect('/dashboard');
  }
  const flag = execSync('/readflag').toString();
  return res.render('admin.html', { flag });
});
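// GET /dashboard — renders the invoices of the authenticated, non-admin user.
// The admin user is bounced to /admin. The comparison uses strict equality so that only the
// string 'admin' matches, consistent with the check in the /admin route (the original `==`
// would coerce non-string claim values before comparing).
router.get('/dashboard', AuthMiddleware, async (req, res) => {
  if (req.user.username === 'admin') return res.redirect('/admin');
  return db.listInvoice(req.user.username)
    .then((invoices) => res.render('dashboard.html', { user: req.user, invoices }))
    .catch((err) => {
      // Keep the generic message for the client, but record why listInvoice rejected
      // server-side instead of dropping it — a silently swallowed error hides DB failures.
      console.error('dashboard: listInvoice failed', err);
      res.send(response('Something went wrong!'));
    });
});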
Hackers NEED your HELP
There is an issue with the JWT payload: an unknown error redirects to the logout page.
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VybmFtZSI6ImFkbWluIiwiaWF0IjoxNjk1MTI3NjQ5fQ.zB-h42XgbiotIK8j00ZuTvdM69lgjQH04wmCsrap2kM
I created this final payload using a JWT tool.
The source code is as follows:
Middleware.js
const JWTHelper = require('../helpers/JWTHelper');
// Authentication middleware: requires a `session` cookie carrying a JWT, verifies it through
// JWTHelper, and exposes the decoded payload as req.user before the route handler runs.
// NOTE(review): the closing of the `try` block (and its catch) is not part of the posted excerpt.
module.exports = async (req, res, next) => {
try{
if (req.cookies.session === undefined) {
// No session cookie: requests without a JSON content type are sent to the login page,
// JSON API clients get a 401 instead of a redirect.
if(!req.is('application/json')) return res.redirect('/');
return res.status(401).json({ status: 'unauthorized', message: 'Authentication expired, please login again!' });
}
return JWTHelper.verify(req.cookies.session)
.then(user => {
// Whatever verify() resolves with becomes req.user unvalidated; downstream routes read
// req.user.username, so the issuer is assumed to always set that claim — TODO confirm.
req.user = user;
next();
})
.catch(() => {
// Every rejection from verify() lands here and the reason is discarded: there is no
// server-side log of why a token was rejected, which makes failures indistinguishable.
res.redirect('/logout');
});
JWTHelper.js
// Verifies a session token against the shared secret and resolves with its decoded payload;
// because the method is async, a throw from jwt.verify surfaces as a rejected promise.
// NOTE(review): if `jwt` is the jsonwebtoken package, the verify() option that pins the
// accepted algorithms is `algorithms` (plural, an array such as ['HS256']); a singular
// `algorithm` key is not a documented verify option — confirm against the installed version
// and pin the allowed list explicitly.
// NOTE(review): nothing here checks that process.env.JWT_SECRET is set — TODO confirm it is
// validated at startup.
// (The method's closing brace is not part of the posted excerpt.)
async verify(token) {
return jwt.verify(token, process.env.JWT_SECRET, {
algorithm: 'HS256'
});
index.js
// GET /admin — authorization rests solely on the `username` claim of the verified JWT:
// only the string 'admin' may view the page, everyone else is sent to /dashboard.
// /readflag is executed with a fixed command line (no request data reaches it); its
// output is rendered into admin.html for the admin user.
router.get('/admin', AuthMiddleware, async (req, res) => {
  const { username } = req.user;
  const isAdmin = username === 'admin';
  if (!isAdmin) {
    return res.redirect('/dashboard');
  }
  const flag = execSync('/readflag').toString();
  return res.render('admin.html', { flag });
});
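// GET /dashboard — renders the invoices of the authenticated, non-admin user.
// The admin user is bounced to /admin. The comparison uses strict equality so that only the
// string 'admin' matches, consistent with the check in the /admin route (the original `==`
// would coerce non-string claim values before comparing).
router.get('/dashboard', AuthMiddleware, async (req, res) => {
  if (req.user.username === 'admin') return res.redirect('/admin');
  return db.listInvoice(req.user.username)
    .then((invoices) => res.render('dashboard.html', { user: req.user, invoices }))
    .catch((err) => {
      // Keep the generic message for the client, but record why listInvoice rejected
      // server-side instead of dropping it — a silently swallowed error hides DB failures.
      console.error('dashboard: listInvoice failed', err);
      res.send(response('Something went wrong!'));
    });
});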
Hackers NEED your HELP