jwtear 0.2.0 → 1.0.0.pre

data/jwtear.gemspec

@@ -8,8 +8,8 @@ Gem::Specification.new do |spec|
   spec.authors       = ["KING SABRI"]
   spec.email         = ["king.sabri@gmail.com"]
 
-  spec.summary       = %q{JWTear, command-line tool and library to parse, create and manipulate JWT tokens for security testing purposes.}
-  spec.description   = %q{JWTear, command-line tool and library to parse, create and manipulate JWT tokens for security testing purposes.}
+  spec.summary       = %q{JWTear, a modular command-line tool to parse, create and manipulate JWT tokens for security testing purposes.}
+  spec.description   = %q{JWTear, a modular command-line tool to parse, create and manipulate JWT tokens for security testing purposes.}
   spec.homepage      = "https://github.com/KINGSABRI/jwtear"
   spec.license       = "MIT"
 
@@ -18,5 +18,11 @@ Gem::Specification.new do |spec|
   spec.executables   = ['jwtear']
   spec.require_paths = ["lib"]
 
-  # spec.add_dependency ''
+  spec.add_dependency 'gli',          '~> 2.19', '>= 2.19.0'
+  spec.add_dependency 'json-jwt',     '~> 1.10', '>= 1.10.2'
+  spec.add_dependency 'jwe',          "~> 0.4.0"
+  spec.add_dependency 'tty-markdown', "~> 0.6.0"
+  spec.add_dependency 'tty-pager',    "~> 0.12.1"
+
+  # spec.add_development_dependency('rake', '~> 0.9.2.2')
 end

data/lib/jwtear.rb

@@ -1,25 +1,21 @@
-# Standard libraries
-require 'base64'
-require 'json'
-require 'digest'
-require 'openssl'
-require 'open-uri'
-
 # JWTear
 require_relative 'jwtear/version'
 require_relative 'jwtear/errors'
-require_relative 'jwtear/extensions'
-require_relative 'jwtear/jwt'
-require_relative 'jwtear/utils'
-
+require_relative 'jwtear/helpers/utils'
+require_relative 'jwtear/helpers/extensions'
+require_relative 'jwtear/token'
 
-module  JWTear
-  include JWTear::Utils
+# External gems
+require 'json/jwt'
+require 'tty-markdown'
+require 'tty-pager'
+require 'colorize'
 
-  String.class_eval do
-    include Extensions::Core::String
-  end
-  # NilClass.class_eval do
-  #   include Extensions::Core::NilClass
-  # end
+module JWTear
+  # extend JWTear::Helpers::Extensions::Print
+  # include JWTear::Helpers::Extensions::Print
+  # Kernel.include JWTear::Helpers::Extensions::Print
+  # autoload(:Print, 'jwtear/helpers/extensions')
 end
+
+

data/lib/jwtear/errors.rb

@@ -1,9 +1,16 @@
 module JWTear
 
   # Token
-  class InvalidTokenError < Exception; end
+  # class InvalidTokenError < JSON::JWT::InvalidFormat; end
 
   # Algorithm Errors
-  class AlgorithmRequiresKeyError < TypeError; end
-  class AlgorithmUnknownError < Exception; end
-end
+  # class AlgorithmRequiresKeyError < JSON::JWT::TypeError; end
+  # class AlgorithmUnknownError < JSON::JWS::UnexpectedAlgorithm; end
+  # class InvalidFormat < JSON::JWT::InvalidFormat; end
+  # class Error < StandardError; end
+
+  # class MissingOption < CustomExit
+  #
+  # end
+
+end

data/lib/jwtear/helpers/extensions.rb

@@ -0,0 +1,17 @@
+module JWTear
+  module Helpers
+    module Extensions
+      # Add print styles
+      module Print
+        def print_status(msg);  puts "[*] ".blue   + "#{msg}"; end
+        def print_good(msg);    puts "[+] ".green  + "#{msg}"; end
+        def print_error(msg);   puts "[x] ".red    + "#{msg}"; end
+        def print_bad(msg);     puts "[!] ".red    + "#{msg}"; end
+        def print_warning(msg); puts "[!] ".yellow + "#{msg}"; end
+        def print_h1(msg);  puts  "-[" + "#{msg}".green.bold + "]----"; end
+        def print_h2(msg);  puts  "[+] ".green + "#{msg}:" ; end
+        def print_h3(*msg); print " - ".cyan.bold + "#{msg[0]}:" " #{msg[1..-1].join(' ')}\n" ; end
+      end
+    end
+  end
+end

data/lib/jwtear/helpers/utils.rb

@@ -0,0 +1,71 @@
+module JWTear
+  module Helpers
+    module Utils
+
+      # Check latest version
+      def latest_version
+        begin
+          current_version = JWTear::VERSION
+          rubygem_api     = JSON.parse open("https://rubygems.org/api/v1/versions/jwtear.json").read
+          remote_version  = rubygem_api.first["number"]
+          latest          = remote_version.eql?(current_version)? true : false
+
+          latest ? current_version : remote_version
+        rescue Exception => e
+          print_bad " Couldn't check the latest version, please check internet connectivity."
+          exit!
+        end
+      end
+
+      # read key as a string or from file(eg. pub_key.pem)
+      def read_key(key)
+        if key
+          File.file?(key)? File.read(key) : key
+        end
+      end
+
+      # check_dependencies
+      #   check dependencies for plugins and throw a gentle error if not installed
+      # @param deps [Hash]
+      #   The key is the library to be require, the key is the gem to be required
+      # @example
+      #   deps = {'async-io' => 'async/ip'}
+      #   check_dependencies(deps)
+      #
+      def check_dependencies(deps={})
+        return if deps.empty?
+        missing = []
+
+        deps.each do |gem, req|
+          begin
+            require req
+          rescue LoadError
+            missing << gem
+          end
+        end
+      ensure
+        unless missing.empty?
+          print_error "Missing dependencies!"
+          print_warning "Please install as follows:"
+          puts "gem install #{missing.join(' ')}"
+          exit!
+        end
+      end
+
+      # JWTear's logo
+      def banner
+        %Q{\n    888888 888       888 88888888888
+      "88b 888   o   888     888
+       888 888  d8b  888     888
+       888 888 d888b 888     888   .d88b.   8888b.  888d888
+       888 888d88888b888     888  d8P  Y8b     "88b 888P"
+       888 88888P Y88888     888  88888888 .d888888 888
+       88P 8888P   Y8888     888  Y8b.     888  888 888
+       888 888P     Y888     888   "Y8888  "Y888888 888
+     .d88P                                       v#{JWTear::VERSION}
+   .d88P"
+  888P"    }
+      end
+    end
+  end
+end

data/lib/jwtear/jwe.rb

@@ -0,0 +1,102 @@
+require 'jwe'
+
+module JWTear
+  # JWE
+  #   Takes a parsed token from JSON::JWT#decode
+  #
+  class JWE
+    include JWTear::Helpers::Extensions::Print
+
+    attr_accessor :header, :encrypted_key, :iv, :cipher_text, :authentication_tag,
+                  :kid, :auth_data, :plaintext, :alg, :enc, :zip, :cek,
+                  :iss, :sub, :iat
+
+    # parse
+    #   is a basic parser for JWE token
+    #
+    # @param token [String]
+    #   parsed token string
+    #
+    # @return [Self]
+    #
+    def parse(token)
+      jwt = JSON::JWT.decode(token, :skip_decryption, :skip_verification)
+      @header             = jwt.header
+      @encrypted_key      = jwt.send(:jwe_encrypted_key)
+      @iv                 = jwt.iv
+      @cipher_text        = jwt.cipher_text
+      @authentication_tag = jwt.send(:authentication_tag)
+      @algorithm          = jwt.algorithm
+      @auth_data          = jwt.auth_data
+      @plaintext          = jwt.send(:plain_text)
+      @kid                = jwt.kid
+      @alg                = @header["alg"]
+      @typ                = @header["typ"]
+      @cty                = @header["cty"]
+      @enc                = @header["enc"]
+      @zip                = @header["zip"]
+      @iat                = @encrypted_key["iat"]
+      @iss                = @encrypted_key["iss"]
+      @cek                = @encrypted_key
+      self
+    rescue JSON::JWS::UnexpectedAlgorithm => e
+      puts e.full_message
+    rescue JSON::JWT::InvalidFormat => e
+      print_error e.message
+      puts token
+      exit!
+    end
+
+    def to_json_presentation
+      header = @header
+      if is_encrypted?(@encrypted_key)
+        encrypted_key = Base64.urlsafe_encode64(@encrypted_key, padding: false)
+      else
+        encrypted_key = @encrypted_key.to_json
+      end
+      iv = Base64.urlsafe_encode64(@iv)
+      cipher_text = Base64.urlsafe_encode64(@cipher_text, padding: false)
+      authentication_tag = Base64.urlsafe_encode64(@authentication_tag, padding: false)
+
+      "#{header.to_json}" + "●" +
+      "#{encrypted_key}"  + "●" +
+      "#{iv}"             + "●" +
+      "#{cipher_text}"    + "●" +
+      "#{authentication_tag}"
+    end
+
+    # generate_jwe
+    #   generate JWE token
+    #
+    # @param header [JSON]
+    # @param payload [JSON]
+    # @param key [String]
+    #
+    # @return [String] the generated token
+    #
+    def generate_jwe(header:, payload:, key:)
+      key = OpenSSL::PKey::RSA.new(key)
+      jwt = JSON::JWT.new(JSON.parse(payload, symbolize_names: true))
+      jwt.header = JSON.parse(header, symbolize_names: true)
+      ::JWE.encrypt(payload, key, enc: jwt.header[:enc]) # I had to use this gem as json-jwt does not support A192GCM AFAIK
+    rescue TypeError => e
+      print_bad "Invalid data type."
+      print_warning "Make sure your public/private key file exists."
+    rescue ArgumentError => e
+      print_error e.message
+      print_warning "Make sure that you have a proper header."
+      puts jwt.header
+    rescue OpenSSL::PKey::RSAError => e
+      print_error "#{e.message} '#{key}'"
+      print_warning "Make sure your public/private key file exists."
+      exit!
+    end
+
+    def is_encrypted?(item)
+      JSON.parse item
+      false
+    rescue JSON::ParserError
+      true
+    end
+  end
+end

data/lib/jwtear/jws.rb

@@ -0,0 +1,80 @@
+module JWTear
+  # JWS
+  #   Takes a parsed token from JSON::JWT#decode
+  #
+  class JWS
+    include JWTear::Helpers::Extensions::Print
+
+    attr_accessor :header, :payload, :signature,
+                  :typ, :cty, :alg, :kid, :jku,
+                  :iss, :sub, :iat, :exp, :aud, :hd,
+                  :azp, :email, :at_hash, :email_verified
+
+    # parse
+    #   is a basic parser for JWS token
+    #
+    # @param token [String]
+    #   parsed token string
+    #
+    # @return [Self]
+    #
+    def parse(token)
+      jwt = JSON::JWT.decode(token, :skip_verification)
+      @header    = jwt.header
+      @payload   = jwt.to_h
+      @signature = jwt.signature
+      @alg       = @header["alg"]
+      @typ       = @header["typ"]
+      @cty       = @header["cty"]
+      @kid       = @header["kid"]
+      @jku       = @header["jku"]
+      @iat       = @payload["iat"]
+      self
+    rescue JSON::JWT::InvalidFormat => e
+      print_error e.message
+      puts token
+      exit!
+    rescue Exception => e
+      puts e.full_message
+    end
+
+    def to_json_presentation
+      "#{@header.to_json}" + "●" + "#{@payload.to_json}" + "●" + "#{Base64.urlsafe_encode64(@signature, padding: false)}"
+    end
+
+    # generate_jws
+    #   generate JWS token
+    #
+    # @param header [JSON]
+    # @param payload [JSON]
+    # @param key [String]
+    #
+    # @return [String] the generated token
+    #
+    def generate_jws(header:, payload:, key:)
+      jwt = JSON::JWT.new(JSON.parse(payload, symbolize_names: true))
+      jwt.header = JSON.parse(header, symbolize_names: true)
+      handle_signing(jwt, key)
+    rescue JSON::JWS::UnexpectedAlgorithm => e
+      puts "Unexpected algorithm '#{jwt.header[:alg]}'."
+      puts e.message
+      exit!
+    end
+    
+    private
+
+    # handle_signing
+    #   Handles the algorithm 'none'.
+    # @param jwt [JSON]
+    # @param key [String]
+    #
+    def handle_signing(jwt, key=nil)
+      if jwt.alg =~ /none/i
+        jwt.to_s
+      else
+        raise JSON::JWS::UnexpectedAlgorithm.new("Encryption algorithm '#{jwt.alg}' requires key.") if key.nil?
+        jwt.sign(key).to_s
+      end
+    end
+  end
+end

data/lib/jwtear/token.rb

@@ -0,0 +1,67 @@
+require_relative 'jws'
+require_relative 'jwe'
+
+module JWTear
+  class Token
+    include JWTear::Helpers::Extensions::Print
+
+    def initialize
+      @jws = JWS.new
+      @jwe = JWE.new
+    end
+
+    # parse
+    #   An interface for JWS and JWE parse operation.
+    # @param token [String]
+    #
+    # @return [JWS|JWE]
+    def parse(token)
+      token_segments = token.split('.').size
+      if token_segments <= 3 # JWS
+        @jws.parse(token)
+      else  # JWE
+        @jwe.parse(token)
+      end
+    rescue Exception => e
+      print_error "Unknown Exception: #{method(__method__).owner}"
+      print_warning 'Please report the issue to: https://github.com/KINGSABRI/jwtear/issues'.underline
+      puts e
+      puts e.backtrace
+      exit!
+    end
+
+    # generate
+    #   An interface for JWS and JWE token generation operation.
+    # @param type [Symbol]
+    # @param header [JSON]
+    # @param payload [JSON]
+    # @param key [String]
+    #
+    # @example
+    #   token = JWTear::Token.new
+    #   token.generate(:jws, header: '{"alg":"HS256","typ":"JWT"}', payload: '{"user":"admin"}', key: "P@ssw0rd123")
+    #
+    # @return [JWS | JWE]
+    def generate(type, header:, payload:, key:)
+      case type
+      when :jws
+        @jws.generate_jws(header:header , payload:payload , key:key)
+      when :jwe
+        @jwe.generate_jwe(header:header , payload:payload , key:key)
+      else
+        print_error "Unknown type: #{type}"
+        raise
+      end
+    rescue JSON::ParserError => e
+      print_error "Unexpected Token."
+      puts e.message
+    rescue Exception => e
+      method = method(__method__)
+      print_error "Unknown Exception: #{method.owner}##{method.name}"
+      print_warning 'Please report the issue to: https://github.com/KINGSABRI/jwtear/issues'.underline
+      puts e.full_message
+      exit!
+    end
+  end
+end
+

data/lib/jwtear/version.rb

@@ -1,3 +1,3 @@
 module JWTear
-  VERSION = "0.2.0"
+  VERSION = "1.0.0.pre"
 end

data/plugins/bruteforce.rb

@@ -0,0 +1,103 @@
+module JWTear
+  module CLI
+    extend GLI::App
+    extend JWTear::Helpers::Extensions::Print
+
+    desc  %Q{plugin to offline bruteforce and crack token's signature.}
+    command [:bruteforce, :bfs] do |c|
+      c.desc 'Token to crack its key.'
+      c.arg_name 'JWT_TOKEN'
+      c.flag [:t, :token], required: true
+
+      c.desc 'Password or password list to bruteforce the signature'
+      c.arg_name 'PASS_LIST'
+      c.flag [:l, :p, :list, :password], required: true
+
+      c.desc "Run verbosely."
+      c.switch [:v, :verbose], negatable: false
+
+      c.example  %Q{jwtear bruteforce -t TOKEN -l rockyou.list -v}
+      c.example  %Q{jwtear bruteforce -t TOKEN -l P@ssw0rd123}
+
+      c.action do |_, options, _|
+        begin
+          bf = Bruteforce.new(options[:token], options[:list])
+          bf.run(options[:verbose])
+        end
+      end
+
+    end
+  end
+
+  class Bruteforce
+    include JWTear::Helpers::Extensions::Print
+    include JWTear::Helpers::Utils
+
+    def initialize(token, list)
+      deps = {'async-io' => 'async/io'}
+      check_dependencies(deps)
+      @token = Token.new
+      @jws   = @token.parse(token)
+      @list  = list
+    end
+
+    def run(verbose=false)
+      keys = handle_key
+      case
+      when keys.kind_of?(Enumerator::Lazy)
+        keys.each do |key|
+          print_status "Trying password: #{key}" if verbose
+
+          gen_token = @token.generate(:jws, header: @jws.header.to_json, payload:@jws.payload.to_json , key: key)
+          sig = gen_token.split('.').last
+          if sig == Base64.urlsafe_encode64(@jws.signature, padding: false)
+            print_good "Password found: #{key}"
+            puts gen_token
+            exit!
+          else
+            print_bad "Invalid key: #{key}" if verbose
+            # puts gen_token if verbose
+          end
+        end
+      when keys.kind_of?(String)
+        gen_token = @token.generate(:jws, header: @jws.header.to_json, payload:@jws.payload.to_json , key: keys)
+        sig = gen_token.split('.').last
+        if sig == Base64.urlsafe_encode64(@jws.signature, padding: false)
+          print_good "Password found: #{keys}"
+          puts gen_token
+        else
+          print_bad "Invalid key: #{keys}"
+        end
+
+      else
+        print_error "Unknown key type"
+        raise
+      end
+    end
+
+
+    def handle_key
+      if File.file?(@list)
+        read_wordlist(@list)
+      else
+        @list
+      end
+    end
+
+    def read_wordlist(file)
+      if File.file?(file)
+        print_status "Found '#{file}' file."
+        File.readlines(file, chomp: true)
+            .lazy
+            .map(&:strip)
+            .reject(&:empty?)
+            .reject(&:nil?)
+      else
+        print_bad "File not found. #{file}"
+        exit!
+      end
+    end
+
+  end
+end
+