Skip to content

Instantly share code, notes, and snippets.

@Sh1Yo
Last active Jul 31, 2022
Embed
What would you like to do?
fuzz json web tokens with mitmproxy
import json
import base64
import hmac
import hashlib
def create_signed_token(key, header, body):
encoded_header = base64.urlsafe_b64encode(header).decode().strip('=')
encoded_body = base64.urlsafe_b64encode(body).decode().strip('=')
jwt_data = encoded_header + '.' + encoded_body
d = hmac.new(key, jwt_data.encode('utf-8'), 'sha256')
dig = d.digest()
signature = base64.urlsafe_b64encode(dig).decode().strip('=')
return jwt_data + '.' + signature
def request(flow):
# get a payload from the 'jwt' query parameter
payload = ""
if "jwt" in flow.request.query:
payload = flow.request.query["jwt"]
del(flow.request.query["jwt"])
#create initial parts of JWT
jwt_header = b'{"typ":"JWT","alg":"HS256"}'
jwt_body = b'{"role":FUZZ}'
secret = b'secret_key'
# add the payload to the jwt body
jwt_body = jwt_body.replace(b"FUZZ", json.dumps(payload).encode('UTF-8'))
# generate jwt with the secret key - "secret_key"
jwt = create_signed_token(secret, jwt_header, jwt_body)
# set Authorization header with our jwt token
flow.request.headers["Authorization"] = jwt
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment