-
-
Save ruevaughn/328067fadf926ddb788f98cd0d2d1a71 to your computer and use it in GitHub Desktop.
Crack JWT (HMAC) with HashCat/JohnTheRipper on MacOS
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Target: | |
| { | |
| "alg": "HS256", | |
| "typ": "JWT" | |
| } | |
| { | |
| "sub": "1234567890", | |
| "name": "John Doe", | |
| "iat": 1516239022 | |
| } | |
| $ echo -n 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.hWgU00w-Sq8jKHr7MD5DSUCMznj5GtHVARKNFgljc9A' > /tmp/jwt.hash | |
| 1. HashCat (v.4.1.0) | |
| $ brew install hashcat | |
| $ hashcat -h |grep JWT | |
| 16500 | JWT (JSON Web Token) | Network Protocols | |
| $ hashcat -m 16500 /tmp/jwt.hash /path/to/wordlist.txt | |
| ... | |
| eyJhbGciOiJ....GtHVARKNFgljc9A:p@ssw0rd | |
| Session..........: hashcat | |
| Status...........: Cracked | |
| Hash.Type........: JWT (JSON Web Token) | |
| ... | |
| 2. john | |
| ; default john on Kali and MacOS's brew do not support JWT Cracking. | |
| $ brew install gcc openssl | |
| $ brew upgrade gcc | |
| $ brew upgrade openssl | |
| $ git clone https://github.com/Sjord/jwtcrack | |
| $ cd jwtcrack/jwtcrack | |
| $ python jwt2john.py eyJhbGciOiJI...c9A > /tmp/jwt.john | |
| $ git clone https://github.com/magnumripper/JohnTheRipper | |
| $ cd JohnTheRipper/src | |
| $ ./configure CPPFLAGS="-I/usr/local/opt/openssl/include" LDFLAGS="-L/usr/local/opt/openssl/lib" --disable-pkg-config | |
| $ make clean && make | |
| $ make install | |
| $ ../run/john /tmp/jwt.john --wordlist /path/to/wordlist.txt | |
| 3. don't use jwtcrack.py, it's suck. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment