Skip to content

Instantly share code, notes, and snippets.

@pich4ya

pich4ya/crack_jwt.txt

Last active June 19, 2023 16:13
Show Gist options
  • Save pich4ya/f76280b7a6af67a9adf740f3ee547689 to your computer and use it in GitHub Desktop.
Save pich4ya/f76280b7a6af67a9adf740f3ee547689 to your computer and use it in GitHub Desktop.
Download ZIP
Crack JWT (HMAC) with HashCat/JohnTheRipper on MacOS
Raw
crack_jwt.txt
Target:
{
"alg": "HS256",
"typ": "JWT"
}
{
"sub": "1234567890",
"name": "John Doe",
"iat": 1516239022
}
$ echo -n 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.hWgU00w-Sq8jKHr7MD5DSUCMznj5GtHVARKNFgljc9A' > /tmp/jwt.hash
1. HashCat (v.4.1.0)
$ brew install hashcat
$ hashcat -h |grep JWT
16500 | JWT (JSON Web Token) | Network Protocols
$ hashcat -m 16500 /tmp/jwt.hash /path/to/wordlist.txt
...
eyJhbGciOiJ....GtHVARKNFgljc9A:p@ssw0rd
Session..........: hashcat
Status...........: Cracked
Hash.Type........: JWT (JSON Web Token)
...
2. john
; default john on Kali and MacOS's brew do not support JWT Cracking.
$ brew install gcc openssl
$ brew upgrade gcc
$ brew upgrade openssl
$ git clone https://github.com/Sjord/jwtcrack
$ cd jwtcrack/jwtcrack
$ python jwt2john.py eyJhbGciOiJI...c9A > /tmp/jwt.john
$ git clone https://github.com/magnumripper/JohnTheRipper
$ cd JohnTheRipper/src
$ ./configure CPPFLAGS="-I/usr/local/opt/openssl/include" LDFLAGS="-L/usr/local/opt/openssl/lib" --disable-pkg-config
$ make clean && make
$ make install
$ ../run/john /tmp/jwt.john --wordlist /path/to/wordlist.txt
3. don't use jwtcrack.py, it's suck.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment