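--- a/jwt_tool.py
+++ b/jwt_tool.py
@@ -1525,11 +1525,10 @@ def scanModePlaybook():
 cprintc("External service interactions not tested - enter listener URL into 'jwtconf.ini' to try this option", "red")
 # Accept Common HMAC secret (as alterative signature)
 with open(config['input']['wordlist'], "r", encoding='utf-8', errors='ignore') as commonPassList:
-commonPass = commonPassList.readline().rstrip()
-while commonPass:
+for commonPass in commonPassList:
+commonPass = commonPass.rstrip()
 newSig, newContents = signTokenHS(headDict, paylDict, commonPass, 256)
 jwtOut(newContents+"."+newSig, "Checking for alternative accepted HMAC signatures, based on common passwords. Testing: "+commonPass+"", "This token can exploit a hard-coded common password in the config")
-commonPass = commonPassList.readline().rstrip()
 # SCAN COMPLETE
 cprintc("Scanning mode completed: review the above results.\n", "magenta")
 # Further manual testing: check expired token, brute key, find Public Key, run other scans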
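Review bot: With the new `for` loop, a blank line in the wordlist no longer ends the scan; after `rstrip()` it becomes an empty string that is passed to `signTokenHS` as the secret and logged as `Testing: ` with nothing after it. If an empty key is not meant to be a test case, add `if not commonPass: continue` right after the `rstrip()` line; if it is intended, a short comment saying so would keep the next reader from "fixing" it. Separately, bare `rstrip()` also removes trailing spaces and tabs, so wordlist entries that differ only in trailing whitespace collapse into one candidate; `commonPass = commonPass.rstrip("\r\n")` keeps each entry as written. The body of `scanModePlaybook` begins and ends outside this hunk.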