Details

Category: Vulnerabilities

Publisher: trickest-mhmdiaa

Created Date: 2/5/2022

Container: quay.io/trickest/jwt-tool:eb411ea

Source URL: https://github.com/ticarpi/jwt_tool

Parameters

jwt
string
required
Command: - The JWT to tinker with (no need to specify if in header/cookies)
bare
string
Command: --bare - Return TOKENS ONLY
mode
string
Command: --mode - Scanning mode: pb = playbook audit, er = fuzz existing claims to force errors, cc = fuzz common claims, at = All Tests!
sign
string
Command: --sign - Sign the resulting token
crack
boolean
Command: --crack - Crack key for an HMAC-SHA token
query
string
Command: --query - Query a token ID against the logfile to see the details of that request
tamper
boolean
Command: --tamper - Tamper with the JWT contents
cookies
string
Command: --cookies - Request cookies to send with the forged HTTP request
exploit
string
Command: --exploit - Exploit known vulnerabilities: a = alg:none, signature, b = blank password accepted in signature, s = spoof JWKS, k = key confusion (specify public key with -pk), i = inject inline JWKS
headers
string
Command: --headers - Request headers to send with the forged HTTP request (can be used multiple times for additional headers)
noproxy
string
Command: --noproxy - Disable proxy for current request
pub-key
file
Command: --pubkey - Public Key for Asymmetric crypto
verbose
string
Command: --verbose - When parsing and printing, produce (slightly more) verbose output
jwks-url
string
Command: --jwksurl - URL location where you can host a spoofed JWKS
jwksfile
file
Command: --jwksfile - JSON Web Key Store for Asymmetric crypto
key-file
file
Command: --keyfile - Keyfile for cracking (when signed with 'kid' attacks)
postdata
string
required
Command: --postdata - Text string that contains all the data to be sent in a POST request
priv-key
file
Command: --privkey - Private Key for Asymmetric crypto
target-url
string
required
Command: --targeturl - Target URL
verify-rsa
string
Command: --verify - Verify the RSA signature against a Public Key
canaryvalue
string
required
Command: --canaryvalue - Text string that appears in response for valid token (e.g. Welcome, ticarpi)
headerclaim
string
Command: --headerclaim - Header claim to tamper with
headervalue
string
Command: --headervalue - Value (or file containing values) to inject into tampered header claim
injectclaims
string
Command: --injectclaims - Inject new claims and update existing claims with new values
payloadclaim
string
Command: --payloadclaim - Payload claim to tamper with
payloadvalue
string
Command: --payloadvalue - Value (or file containing values) to inject into tampered payload claim
dict-file-crack
file
Command: --dict - Dictionary file for cracking