MCPcopy
hub / github.com/ticarpi/jwt_tool / tamperToken

Function tamperToken

jwt_tool.py:346–525  ·  view source on GitHub ↗
(paylDict, headDict, sig)

Source from the content-addressed store, hash-verified

344 return newheadDict, newHeadB64
345
346def tamperToken(paylDict, headDict, sig):
347 cprintc("\n====================================================================\nThis option allows you to tamper with the header, contents and \nsignature of the JWT.\n====================================================================", "white")
348 cprintc("\nToken header values:", "white")
349 while True:
350 i = 0
351 headList = [0]
352 for pair in headDict:
353 menuNum = i+1
354 if isinstance(headDict[pair], dict):
355 cprintc("["+str(menuNum)+"] "+pair+" = JSON object:", "green")
356 for subclaim in headDict[pair]:
357 cprintc(" [+] "+subclaim+" = "+str(headDict[pair][subclaim]), "green")
358 else:
359 if type(headDict[pair]) == str:
360 cprintc("["+str(menuNum)+"] "+pair+" = \""+str(headDict[pair])+"\"", "green")
361 else:
362 cprintc("["+str(menuNum)+"] "+pair+" = "+str(headDict[pair]), "green")
363 headList.append(pair)
364 i += 1
365 cprintc("["+str(i+1)+"] *ADD A VALUE*", "white")
366 cprintc("["+str(i+2)+"] *DELETE A VALUE*", "white")
367 cprintc("[0] Continue to next step", "white")
368 selection = ""
369 cprintc("\nPlease select a field number:\n(or 0 to Continue)", "white")
370 try:
371 selection = int(input("> "))
372 except:
373 cprintc("Invalid selection", "red")
374 exit(1)
375 if selection<len(headList) and selection>0:
376 if isinstance(headDict[headList[selection]], dict):
377 cprintc("\nPlease select a sub-field number for the "+pair+" claim:\n(or 0 to Continue)", "white")
378 newVal = OrderedDict()
379 for subclaim in headDict[headList[selection]]:
380 newVal[subclaim] = headDict[pair][subclaim]
381 newVal = buildSubclaim(newVal, headList, selection)
382 headDict[headList[selection]] = newVal
383 else:
384 cprintc("\nCurrent value of "+headList[selection]+" is: "+str(headDict[headList[selection]]), "white")
385 cprintc("Please enter new value and hit ENTER", "white")
386 newVal = input("> ")
387 headDict[headList[selection]] = castInput(newVal)
388 elif selection == i+1:
389 cprintc("Please enter new Key and hit ENTER", "white")
390 newPair = input("> ")
391 cprintc("Please enter new value for "+newPair+" and hit ENTER", "white")
392 newInput = input("> ")
393 headList.append(newPair)
394 headDict[headList[selection]] = castInput(newInput)
395 elif selection == i+2:
396 cprintc("Please select a Key to DELETE and hit ENTER", "white")
397 i = 0
398 for pair in headDict:
399 menuNum = i+1
400 cprintc("["+str(menuNum)+"] "+pair+" = "+str(headDict[pair]), "white")
401 headList.append(pair)
402 i += 1
403 try:

Callers 1

runActionsFunction · 0.85

Calls 8

cprintcFunction · 0.85
buildSubclaimFunction · 0.85
castInputFunction · 0.85
dissectPaylFunction · 0.85
genContentsFunction · 0.85
jwtOutFunction · 0.85
runExploitsFunction · 0.85
signingTokenFunction · 0.85

Tested by

no test coverage detected