Hey everyone, it’s Zac0x01. 🚀 Today, I’m thrilled to share a major discovery in my journey through a Web3 cryptocurrency platform. 🌐 This app is all about getting you verified to unleash the power of BTC, USDT, and ETH transactions.
In my exploration, I decided to compare the ins and outs of verified and unverified accounts. 🕵️‍♂️ As I delved into the platform, I stumbled upon some discrepancies in endpoints between the two account types. Enter JWT (JSON Web Token) manipulation.
With tools like Burp, I pinpointed exclusive endpoints for verified accounts. 🎯 With some match and replace wizardry, I swapped the JWT of a verified user with that of a non-verified one. As I continued using the account, I witnessed dynamic changes in the JWT tokens. 🔄
And guess what? Over time, I cracked the code and successfully bypassed the KYC (Know Your Customer) verification process. 🚧 This meant unlocking BTC and ETH addresses, essentially giving me the keys to operate the account like a verified user without the standard ID verification hassle.
It’s crucial to recognize that KYC is in place on cryptocurrency platforms to thwart fraud and money laundering, especially considering the world of deep web BTC and crypto mixers. 🕵️‍♂️💰
Reported on November 9, 2023
Triaged on November 9, 2023
Rewarded on November 13, 2023
Thank you :)