Halftone Studio
Print-on-demand fulfilment for indie merch brands. Brand-side dashboards, weekly payout windows, and an internal admin payouts view all ride on the same in-house auth layer rolled out last quarter.
The Scenario
Halftone Studio, founded 2021, routes orders from about eight hundred indie merch storefronts to a shifting roster of printers across three continents. The platform migrated off raw API keys to a new in-house auth layer last quarter — a contractor shipped it on a tight cutover window, and the senior engineer who would have read the verifier code closely had already given notice. With a Series A data room opening next month the compliance team wants a third-party look first.
Challenge Intel
Synopsis
Halftone's JWT verifier calls jwt.decode with the RSA public key PEM as the key and algorithms=["RS256", "HS256"]. Sign an HS256 token using the public PEM string as the HMAC secret and the admin payouts page renders the flag.
What It Is
Classic algorithm-confusion. The server initialises an RSA keypair at startup, issues RS256 tokens, and publishes the public key at /.well-known/jwks.json and /public.pem. The verifier passes both RS256 and HS256 to algorithms= and uses the public PEM string as the key argument — so a token signed HS256 with the public PEM as the HMAC secret verifies, letting the player forge an admin token. The footer "Status" link to /__health surfaces the algorithms list. /admin/payouts renders FLAG when role=="admin".
Who It's For
Players comfortable with JWT structure (header.payload.signature) who can run a short PyJWT or jose snippet. No reverse engineering; the verifier's intent is given away by the status endpoint.
Skills You'll Practice
- Reading JWT headers and identifying the signing algorithm
- Recognising algorithm-confusion in a permissive verifier
- Forging HMAC-signed tokens using a published public key
What You'll Gain
- Always pin a verifier to a single algorithm, chosen explicitly per key type
- Public keys are public for a reason — assume the attacker has them
- Verifier algorithm allow-lists are part of your threat model
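To make the pinning lesson concrete, here is an added example (not Halftone's code): a toy JWT issuer, the permissive verifier described under "What It Is", and a hardened verifier that binds the algorithm to the key. The RSA key is a constructed, deliberately weak toy built from two Mersenne primes, and the published public key is represented as a plain modulus string standing in for the PEM.

```python
import base64, hashlib, hmac, json

# Constructed toy RSA key from two Mersenne primes: weak, demo-only, not a real key.
P, Q, E = (1 << 521) - 1, (1 << 607) - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))            # private exponent
K = (N.bit_length() + 7) // 8                # modulus size in bytes (141)
PUBLIC_KEY = str(N)                          # stands in for the PEM string served at /public.pem
DIGESTINFO = bytes.fromhex("3031300d060960864801650304020105000420")  # PKCS#1 SHA-256 prefix

def b64u(b): return base64.urlsafe_b64encode(b).rstrip(b"=").decode()
def unb64u(s): return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def _pkcs1_em(msg):  # EMSA-PKCS1-v1_5 encoding of SHA-256(msg), K bytes long
    t = DIGESTINFO + hashlib.sha256(msg).digest()
    return b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t

def sign(header, payload, key):
    """Issue a token. RS256 expects the private exponent D; HS256 expects a secret string."""
    msg = b64u(json.dumps(header).encode()) + "." + b64u(json.dumps(payload).encode())
    if header["alg"] == "RS256":
        sig = pow(int.from_bytes(_pkcs1_em(msg.encode()), "big"), key, N).to_bytes(K, "big")
    else:
        sig = hmac.new(key.encode(), msg.encode(), "sha256").digest()
    return msg + "." + b64u(sig)

def verify(token, key, algorithms):
    """Halftone-style verifier: the token header chooses the algorithm from an allow-list,
    and the same `key` string is fed to whichever algorithm was chosen."""
    h, p, s = token.split(".")
    header, sig, msg = json.loads(unb64u(h)), unb64u(s), (h + "." + p).encode()
    if header.get("alg") not in algorithms:
        return None
    if header["alg"] == "HS256":   # the public key string silently becomes the HMAC secret
        ok = hmac.compare_digest(hmac.new(key.encode(), msg, "sha256").digest(), sig)
    else:                          # RS256: interpret the string as the public modulus
        ok = pow(int.from_bytes(sig, "big"), E, int(key)).to_bytes(K, "big") == _pkcs1_em(msg)
    return json.loads(unb64u(p)) if ok else None

def verify_pinned(token, key_alg, key):
    """Hardened: the algorithm is a property of the key, not of the token. A header that
    names any other alg is rejected before any cryptography runs."""
    header = json.loads(unb64u(token.split(".")[0]))
    if header.get("alg") != key_alg:
        return None
    return verify(token, key, algorithms=[key_alg])
```

Against the permissive verifier an HS256 token keyed with the public key string passes; the pinned verifier rejects it on the header alone, before any signature check.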
Ready to hack Halftone Studio?
This challenge is free. Sign up and start hacking.