Skip to content

Simple script to brute force JWT token signature

Notifications You must be signed in to change notification settings

irgoncalves/jwtbf

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
 
 
 
 

Repository files navigation

jwtbf.py - Simple script to brute force JWT token signature using a wordlist

For JWT info, refer to https://jwt.io/introduction/

Requirements

This script requires PyJWT Package Refer to this link for proper documentation/installation https://pypi.python.org/pypi/PyJWT

Usage

For usage, supplies when asked JWT token then the target wordlist

user@host:~/jwtbf# python jwtbf.py
Enter JWT token:eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ
Enter wordlist name:wordlist.txt
Failed to verify token signature with the following key: test
Failed to verify token signature with the following key: test2
Success. Token decoded with the following key:secret
{u'admin': True, u'sub': u'1234567890', u'name': u'John Doe'}

About

Simple script to brute force JWT token signature

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages