June 12, 2020

997 words 5 mins read

ticarpi/jwt_tool

ticarpi/jwt_tool

:snake: A toolkit for testing, tweaking and cracking JSON Web Tokens
repo name ticarpi/jwt_tool
repo link https://github.com/ticarpi/jwt_tool
homepage
language Python
size (curr.) 186 kB
stars (curr.) 1206
created 2017-01-23
license GNU General Public License v3.0

Supported Python versions GPLv3 license

The JSON Web Token Toolkit

jwt_tool.py is a toolkit for validating, forging and cracking JWTs (JSON Web Tokens).

Its functionality includes:

  • Checking the validity of a token
  • Testing for known exploits:
    • (CVE-2015-2951) The alg=none signature-bypass vulnerability (CVE-2015-2951)
    • (CVE-2016-10555) The RS/HS256 public key mismatch vulnerability
    • (CVE-2018-0114) Key injection vulnerability
  • Testing the validity of a secret/key file/Public Key/JWKS key
  • Identifying weak keys via a High-speed Dictionary Attack
  • Forging new token header and payload contents and creating a new signature with the key or via another attack method
  • Timestamp tampering
  • RSA and ECDSA key generation, and reconstruction (from JWKS files)
  • …and lots more!

Audience

This tool is written for pentesters, who need to check the strength of the tokens in use, and their susceptibility to known attacks. A range of tampering, signing and verifying options are available to help delve deeper into the potential weaknesses present in some JWT libraries.
It has also been successful for CTF challengers - as CTFs seem keen on JWTs at present.
It may also be useful for developers who are using JWTs in projects, but would like to test for stability and for known vulnerabilities when using forged tokens.

Requirements

This tool is written natively in Python 3 using the common libraries, however the cryptographic funtions do require the installation of the pycryptodomex Python library.
Python 3.6 is the minimum supported version.
(An older Python 2.x version is available for those who need it on the legacy branch, although this will no longer be supported or updated - as of October 2019)

Installation

Installation is just a case of downloading the jwt_tool.py file (or git cloneing the repo).
(chmod the file too if you want to add it to your $PATH and call it from anywhere.)

$ git clone https://github.com/ticarpi/jwt_tool
$ pip3 install pycryptodomex

Usage

The first argument should be the JWT itself. Providing no additional arguments will take you to the interactive menu. $ python3 jwt_tool.py <JWT>

The toolkit will validate the token and list the header and payload values.
It will then provide a menu of your available options.

Input is in either standard or url-safe JWT format, and the resulting tokens are output in both formats for your ease of use.

Additional arguments

The many additional arguments will take you straight to the appropriate function and return you a token ready to use in your tests.
For example, to test the alg:none exploit run the following:
$ python3 jwt_tool.py eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJsb2dpbiI6InRpY2FycGkifQ.aqNCvShlNT9jBFTPBpHDbt2gBB1MyHiisSDdp8SQvgw -A

Extra parameters

Some options such as Verifying tokens require additional parameters/files to be provided:
$ python3 jwt_tool.py eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJsb2dpbiI6InRpY2FycGkifQ.aqNCvShlNT9jBFTPBpHDbt2gBB1MyHiisSDdp8SQvgw -V -pk public.pem

Help

For a list of options call the usage function: Some options such as Verifying tokens require additional parameters/files to be provided:
$ python3 jwt_tool.py -h

A more detailed user guide can be found on the wiki page.

JWT Attack Playbook - new wiki content!

playbook_logo

Head over to the JWT Attack Playbook for a detailed run-though of what JWTs are, what they do, and a full workflow of how to thoroughly test them for vulnerabilities, common weaknesses and unintended coding errors.

Version History/Changelog

v1.3

  • November 2019
  • Python 3.x
  • [+] Commandline argument processing for automation
  • [+] Support for tampering, signing and verifying all JWT documented algorithms:
    • RS256/RS384/RS512
    • EC256/EC384/EC512
    • PS256/PS384/PS512
  • [+] EXPLOIT: Injection of self-signed Public Key (CVE-2018-0114)
  • [+] Timestamp parsing
  • [+] Expiry check
  • [+] Timestamp tampering
  • [+] Tamper nested JSON in claim values
  • [+] Key generation: RSA, ECDSA
  • [+] Key reconstruction from JWKS files: RSA, ECDSA
  • [+] Key verification from JWKS files
  • [+] JWKS file generation from RSA key pairs
  • Bugfixes:
    • Cleaning up code dead-ends and error conditions

v1.2.1

  • October 2019
  • Python 3.x
  • [+] ADD and DELETE keys/claims from head and payload
  • [+] New ASCII art(!)
  • [+] Added feedback for long dictionaries - every 1 million passwords
  • [+] Added advice for using hashcat when dictionary attack fails
  • Bugfixes:
    • Squashed errors on invalid input
    • Patched an issue with dictionary attack, with not UTF-8 words in list.

v1.2

  • October 2019
  • Python 3.x
  • [+] Fully converted to Python 3
  • [+] Improved menu
  • [+] Improved workflow
  • [+] Groundwork for some new features coming soon…

v1.1.1

  • October 2019
  • Python 2.x
  • Bugfixes:
    • Corrected the alg=none issue by adding a non-capitalised version to output
    • Fixed excessive load times when using a large dictionary file
    • Other minor tweaks

v1.1

  • June 2018
  • Python 2.x
  • [+] Create new header claims
  • [+] Sign with key file (kid)
  • [+] Check signature against key file (kid)
  • [+] Output as standard and URL-safe tokens
  • Bugfixes:
  • Fix broken base64 decoding when certain ASCII characters are present
  • Fix broken signature checking/brute-forcing on URL-safe tokens
  • Many other minor tweaks and improvements

v1.0

  • July 2017
  • Python 2.x
  • [+] Signature recognition
  • [+] Support for HS384, HS512
  • [+] EXPLOIT: RSA Public Key mismatch vulnerability (key confusion)
  • [+] Improved dictionary attack routine

v0.1

  • January 2017
  • Initial release
  • Python 2.x
  • Tamper existing claims
  • EXPLOIT: test for alg:none vulnerability
  • Check HS256 key
  • Crack with HS256 dictionary attack

Tips

Regex for finding JWTs in Burp Search
(make sure ‘Case sensitive’ and ‘Regex’ options are ticked)
[= ]eyJ[A-Za-z0-9_-]*\.[A-Za-z0-9._-]* - url-safe JWT version
[= ]eyJ[A-Za-z0-9_\/+-]*\.[A-Za-z0-9._\/+-]* - all JWT versions (higher possibility of false positives)

Further Reading

python json
comments powered by Disqus
lovasoa/bad_json_parsers

lovasoa/bad_json_parsers

January 12, 2020

Exposing problems in json parsers of several programming languages.
Julian/jsonschema

Julian/jsonschema

November 26, 2019

An(other) implementation of JSON Schema for Python
ijl/orjson

ijl/orjson

August 22, 2019

Fast, correct Python JSON library supporting dataclasses, datetimes, and numpy
jakubroztocil/httpie

jakubroztocil/httpie

June 6, 2019

As easy as HTTPie /aitch-tee-tee-pie/ Modern command line HTTP client user-friendly curl alternative with intuitive UI, JSON support, syntax highlighting, wget-like downloads, extensions, etc. https://twitter.com/clihttp
alan-turing-institute/sktime

alan-turing-institute/sktime

June 12, 2020

A scikit-learn compatible Python toolbox for machine learning with time series
bridgecrewio/checkov

bridgecrewio/checkov

June 12, 2020

Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes and other infrastructure-as-code-languages with Checkov by Bridgecrew.
elliottwu/unsup3d

elliottwu/unsup3d

June 12, 2020

(CVPR'20 Oral) Unsupervised Learning of Probably Symmetric Deformable 3D Objects from Images in the Wild
streamlit/demo-self-driving

streamlit/demo-self-driving

June 12, 2020

Streamlit app demonstrating an image browser for the Udacity self-driving-car dataset with realtime object detection using YOLO.
KhoaSuperman/findseat

KhoaSuperman/findseat

June 11, 2020

A Completed Functional Flutter App - FindSeat (BLoC + Json API + Unit Test + Firebase Auth)