/JWTSploit-HMAC-algSwap-admin

Ruby script made to solve JWT attack challenge. Swaps algorithim in JWT header from RS256 to HS256 and swaps user value in JWT payload to admin. Verifies signature with public key file. Decodes JWT value and prints to standard output, also prints new JWT value for admin user.

Primary LanguageRuby

Stargazers

No one’s star this repository yet.