#utility #convert #algorithm #web-services #none

app jwtvoid

Utility to convert existing JWTs to the “none” algorithm

1 unstable release

0.1.0 Jun 29, 2021

MIT license

4KB
59 lines

jwtvoid

A utility to convert existing JWTs (JSON Web Tokens) to the none algorithm.

This can be used to discover vulnerabilities in web services and JWT libraries.

Installation

cargo install jwtvoid

Usage

# One JWT
echo "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c" | jwtvoid

# Multiple JWT
cat jwts.txt | jwtvoid

License

MIT License: see LICENSE file for more information.

Dependencies

~450KB