Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2016-10555 PoC — jwt-simple 安全漏洞

Source
https://github.com/thepcn3rd/jwtToken-CVE-2016-10555
Associated Vulnerability
Title:jwt-simple 安全漏洞 (CVE-2016-10555)
Description:Since "algorithm" isn't enforced in jwt.decode()in jwt-simple 0.3.0 and earlier, a malicious user could choose what algorithm is sent sent to the server. If the server is expecting RSA but is sent HMAC-SHA with RSA's public key, the server will think the public key is actually an HMAC private key. This could be used to forge any data an attacker wants.
Description
Exploiting the CVE-2016-10555
Readme
# jwtToken-CVE-2016-10555
Exploiting the CVE-2016-10555

Tried to use the jwt_tool located here but ran into some issues: https://github.com/ticarpi/jwt_tool

The code uploaded was taken from the above to accomplish what I needed.

---

Was working with Mutillidae and needed to manipulate the JWT token.  Created the jwtMutillidae.py to conduct the UserID manipulation...
File Snapshot

 [4.0K]  /data/pocs/7ac649e15f8f7d73af5e55f873f617cd47564024
├── [5.6K]  cve.py
├── [3.4K]  jwtMutillidae.py
├── [1.0K]  LICENSE
└── [ 373]  README.md

0 directories, 4 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →