https://github.com/irgoncalves/jwtbf
Simple script to brute force JWT token signature
https://github.com/irgoncalves/jwtbf
brute-force jwt
Last synced: 10 months ago
JSON representation
Simple script to brute force JWT token signature
- Host: GitHub
- URL: https://github.com/irgoncalves/jwtbf
- Owner: irgoncalves
- Created: 2016-11-14T17:19:37.000Z (over 9 years ago)
- Default Branch: master
- Last Pushed: 2020-07-05T21:33:03.000Z (almost 6 years ago)
- Last Synced: 2025-04-05T23:25:39.653Z (about 1 year ago)
- Topics: brute-force, jwt
- Language: Python
- Size: 3.91 KB
- Stars: 7
- Watchers: 0
- Forks: 5
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# jwtbf.py - Simple script to brute force JWT token signature using a wordlist
For JWT info, refer to https://jwt.io/introduction/
# Requirements
This script requires PyJWT Package
Refer to this link for proper documentation/installation https://pypi.python.org/pypi/PyJWT
# Usage
For usage, supplies when asked JWT token then the target wordlist
```
user@host:~/jwtbf# python jwtbf.py
Enter JWT token:eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ
Enter wordlist name:wordlist.txt
Failed to verify token signature with the following key: test
Failed to verify token signature with the following key: test2
Success. Token decoded with the following key:secret
{u'admin': True, u'sub': u'1234567890', u'name': u'John Doe'}
```