Search the Community
Showing results for tags 'tokens'.
The search index is currently processing. Current results may not be complete.
Found 2 results
a topic posted itsMe in Pentestingjwt_tool.py is a toolkit for validating, forging and cracking JWTs (JSON Web Tokens). Its functionality includes: Checking the validity of a token Testing for the RS/HS256 public key mismatch vulnerability Testing for the alg=None signature-bypass vulnerability Testing the validity of a secret/key/key file Identifying weak keys via a High-speed Dictionary Attack Forging new token header and payload values and creating a new signature with the key or via another attack method [HIDE][Hidden Content]]
a topic posted 1337day-Exploits in Updated ExploitsNUUO CMS suffers from directory traversal, predictable session token, unauthenticated remote code execution, and various other vulnerabilities. Multiple metasploit modules included and various versions are affected by the various vulnerabilities. View the full article