jwt-tool - Trickest Platform Documentation

Details

Category: Vulnerabilities

Publisher: trickest-mhmdiaa

Created Date: 2/5/2022

Container: quay.io/trickest/jwt-tool:eb411ea

Source URL: https://github.com/ticarpi/jwt_tool

Parameters

jwt

string

required

Command: - The JWT to tinker with (no need to specify if in header/cookies)

bare

string

Command: --bare - Return TOKENS ONLY

mode

string

Command: --mode - Scanning mode: pb = playbook audit, er = fuzz existing claims to force errors, cc = fuzz common claims, at - All Tests!

sign

string

Command: --sign - Sign the resulting token

crack

boolean

Command: --crack - Crack key for an HMAC-SHA token

query

string

Command: --query - Query a token ID against the logfile to see the details of that request

tamper

boolean

Command: --tamper - Tamper with the JWT contents

string

Command: --cookies - Request cookies to send with the forged HTTP request

exploit

string

Command: --exploit - Exploit known vulnerabilities: a = alg:none, signature, b = blank password accepted in signature, s = spoof JWKS, k = key confusion (specify public key with -pk), i = inject inline JWKS

headers

string

Command: --headers - Request headers to send with the forged HTTP request (can be used multiple times for additional headers)

noproxy

string

Command: --noproxy - Disable proxy for current request

pub-key

file

Command: --pubkey - Public Key for Asymmetric crypto

verbose

string

Command: --verbose - When parsing and printing, produce (slightly more) verbose output

jwks-url

string

Command: --jwksurl - URL location where you can host a spoofed JWKS

jwksfile

file

Command: --jwksfile - JSON Web Key Store for Asymmetric crypto

key-file

file

Command: --keyfile - Keyfile for cracking (when signed with 'kid' attacks)

postdata

string

required

Command: --postdata - Text string that contains all the data to be sent in a POST request

priv-key

file

Command: --privkey - Private Key for Asymmetric crypto

target-url

string

required

Command: --targeturl - Target URL

verify-rsa

string

Command: --verify - Verify the RSA signature against a Public Key

canaryvalue

string

required

Command: --canaryvalue - Text string that appears in response for valid token (e.g. Welcome, ticarpi)

headerclaim

string

Command: --headerclaim - Header claim to tamper with

headervalue

string

Command: --headervalue - Value (or file containing values) to inject into tampered header claim

injectclaims

string

Command: --injectclaims - Inject new claims and update existing claims with new values

payloadclaim

string

Command: --payloadclaim - Payload claim to tamper with

payloadvalue

string

Command: --payloadvalue - Value (or file containing values) to inject into tampered payload claim

dict-file-crack

file

Command: --dict - Dictionary file for cracking

Library

Details

Parameters