jwtear 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 4bd6308c71a62710f83b4fe948bb9548de5cebef
+  data.tar.gz: 3c04480e04b3469e40a5cede5a09c8db727e9cbe
+SHA512:
+  metadata.gz: ca0c937b0abec2482997108633039078c5dc0691b6eedd9fa71a7e2dc68a9a4b61f0b1d3427ac16625b3bd28e20764bfb9b78ef06d48e30c18f8d1319de6556f
+  data.tar.gz: 1914d144b8c6fc0b84b040b132d9dbda8ffa50789148eaec75f621991be9bd38712459a86bc90dc91a0e727364d96bfe87d70f2e54c7cc73617b813f64cebff7

data/.gitignore

@@ -0,0 +1 @@
+.idea/

data/Gemfile

@@ -0,0 +1,6 @@
+source "https://rubygems.org"
+
+git_source(:github) {|repo_name| "https://github.com/#{repo_name}" }
+
+# Specify your gem's dependencies in jwtear.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2018 KING SABRI
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,58 @@
+# Jwtear
+Command-line tool and library to parse, create and manipulate JWT tokens for security testing purposes. 
+
+During working on exploiting some JWT-based application I needed some tool to make parsing and manipulating JWT token easier. 
+
+## Installation
+
+install it yourself as:
+
+    $ gem install jwtear
+
+## Usage
+
+```
+$> jwtear -h 
+
+
+  888888 888       888 88888888888
+    "88b 888   o   888     888
+     888 888  d8b  888     888
+     888 888 d888b 888     888   .d88b.   8888b.  888d888
+     888 888d88888b888     888  d8P  Y8b     "88b 888P"
+     888 88888P Y88888     888  88888888 .d888888 888
+     88P 8888P   Y8888     888  Y8b.     888  888 888
+     888 888P     Y888     888   "Y8888  "Y888888 888
+   .d88P                                       v0.1.0
+ .d88P"
+888P"    
+JWTear - Parse, create and manipulate JWT tokens.
+
+Help menu:
+   -p, --parse JWT_TOKEN            Parse JWT token
+       --generate-token             Generate JWT token.
+       --generate-sig               Generate JWT signature.
+       --header HEADER              JWT header (JSON format). (required for generate-token and generate-sig)
+                                      eg. {"typ":"JWT","alg":"HS256"} | Supported algorithms: [HS256, RS512, etc]
+       --payload PAYLOAD            JWT payload (JSON format). (required for generate-token and generate-sig)
+                                      eg. {"login":"admin"}
+       --key SECRET                 Secret Key for symmetric encryption. (required for generate-token and generate-sig)
+                                      eg. P@ssw0rd
+   -h, --help                       Show this help message
+
+Usage:
+  ruby jwtear.rb <OPTIONS>
+
+Example:
+ruby jwtear.rb --generate-token --header '{"typ":"JWT","alg":"HS256"}' --payload '{"login":"admin"}' --key 'P@ssw0rd!'
+ruby jwtear.rb --generate-sig --header '{"typ":"JWT","alg":"HS256"}' --payload '{"login":"admin"}' --key 'P@ssw0rd!'
+ruby jwtear.rb --parse 'eyJwI...6IfJ9.kxrMS...MjAMm.zEybN...TU2Njk3ZmE3OA'
+```
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/jwtear.
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

data/Rakefile

@@ -0,0 +1,2 @@
+require "bundler/gem_tasks"
+task :default => :spec

data/bin/jwtear

@@ -0,0 +1,117 @@
+#!/usr/bin/env ruby
+#
+# JWTear - A command-line tool and library to parse, create and manipulate JWT tokens for security testing purposes.
+#
+# @Author: KING SABRI - @KINGSABRI
+#
+lib = File.dirname(__FILE__) + '/../lib'
+mod = File.dirname(__FILE__) + '/../modules'
+if File.directory?(lib)
+  unless $:.include?(lib)
+    $:.unshift(lib)
+    $:.unshift(mod)
+  end
+end
+require 'jwtear'
+require 'optparse'
+
+
+options = {}
+option_parser = OptionParser.new
+option_parser.banner = "#{"JWTear".bold} - Parse, create and manipulate JWT tokens."
+option_parser.set_summary_indent '   '
+option_parser.separator "\nHelp menu:".underline
+option_parser.on('-p', '--parse JWT_TOKEN' , 'Parse JWT token') {|v| options[:parse] = v}
+option_parser.on('--generate-token', 'Generate JWT token.') {|v| options[:generate_token] = v}
+option_parser.on('--generate-sig', 'Generate JWT signature.') {|v| options[:generate_sig] = v}
+option_parser.on('--header HEADER',
+                  'JWT header (JSON format). (required for generate-token and generate-sig)',
+                  '  eg. {"typ":"JWT","alg":"HS256"} | Supported algorithms: [HS256, RS512, etc]'
+) {|v| options[:header] = v}
+option_parser.on('--payload PAYLOAD' ,
+                    'JWT payload (JSON format). (required for generate-token and generate-sig)',
+                    '  eg. {"login":"admin"}'
+) {|v| options[:payload] = v}
+option_parser.on('--alg ALGORITHM',
+                  'Force algorithm type when generating a new token (ignore the one in header). (optional with generate-token)',
+                  '  Supported algorithms: [HS256, HS384, HS512, RS256, RS384, RS512, ES256, ES384, ES512]'
+) {|v| options[:alg] = v}
+option_parser.on('--key SECRET',
+                 'Secret Key for symmetric encryption. (required for generate-token and generate-sig. Accept password as a string or a file)',
+                 '  eg. P@ssw0rd  | eg. public_key.pem'
+) {|v| options[:key] = v}
+# option_parser.on( '-m MODULE', '--module MODULE',
+#                  "Use module - WIP",
+#                  "Use it without argument to list all modules with its usage"
+# ) {|v| options[:key] = v}
+option_parser.on('-h', '--help', 'Show this help message') {puts JWTear::Utils.banner , option_parser; exit!}
+option_parser.on_tail "\nUsage:\n".underline + "jwtear <OPTIONS>"
+option_parser.on_tail "\nExample:".underline
+option_parser.on_tail %Q{jwtear --generate-token --header #{"'".bold}{"typ":"JWT","alg":" "}#{"'".bold} --payload #{"'".bold}{"login":"admin"}#{"'".bold} --key 'P@ssw0rd!'}
+option_parser.on_tail %Q{jwtear --generate-sig --header #{"'".bold}{"typ":"JWT","alg":"HS256"}#{"'".bold} --payload #{"'".bold}{"login":"admin"}#{"'".bold} --key 'P@ssw0rd!'}
+option_parser.on_tail %Q{jwtear --parse #{"'".bold}eyJwI...6IfJ9#{'.'.bold}kxrMS...MjAMm#{'.'.bold}zEybN...TU2Njk3ZmE3OA#{"'".bold}\n\n}
+
+begin
+  option_parser.parse!
+  include JWTear::Utils
+  case
+    when options[:parse]
+      jwt = JWTear::JWT.new(options[:parse])
+      jwt_parsed = jwt.parse
+      puts "-[#{'Hash'.green}]----"
+      puts jwt_parsed
+      puts "-[#{'JSON'.green}]----"
+      puts jwt.json
+      puts ''
+      puts "[+] ".dark_green + "Header (envelope segment):".bold.underline
+      jwt.header.each {|key, value| puts "  #{'-'.bold} #{key}: #{value}"}
+      puts "[+] ".dark_green + "Payload (claim segment):".bold.underline
+      jwt.payload.each {|key, value| puts "  #{'-'.bold} #{key}: #{value}"}
+      puts "[+] ".dark_green + "Signature (envelope segment) - encoded:".bold.underline
+      puts "#{Base64.urlsafe_encode64(jwt.signature)}"
+    when options[:generate_token] && (options[:header] || options[:payload] || options[:key]).nil?
+      puts '[!] '.red + "Missing mandatory switch(es) '--header/--payload/--alg/--key'"
+
+    when options[:generate_gen] && (options[:header] || options[:payload] || options[:key]).nil?
+      puts '[!] '.red + "Missing mandatory switch(es) '--header/--payload/--key'"
+
+    when options[:generate_token]
+      jwt = JWTear::JWT.new
+      jwt.header  = options[:header]
+      jwt.payload = options[:payload]
+      jwt.alg     = options[:alg]
+      if options[:key]
+        jwt.key   = File.file?(options[:key])? File.read(options[:key]) : options[:key] # read key as a string or from file(eg. pub_key.pem)
+      end
+      token       = jwt.generate_token
+      puts "-[#{'Hash'.dark_green}]----"
+      puts jwt.hash
+      puts "-[#{'JSON'.dark_green}]----"
+      puts jwt.json
+      puts ''
+      puts "-[#{'Token'.green}]----"
+      puts token
+
+    when options[:generate_sig]
+      jwt = JWTear::JWT.new
+      data_encoded = encode_header_payload(options[:header], options[:payload])
+      puts "-[#{'Signature'.green}]----"
+      puts encode(jwt.generate_sig(data_encoded, options[:alg], options[:key]).signature)
+
+    else
+      puts JWTear::Utils.banner
+      puts option_parser
+  end
+rescue OptionParser::MissingArgument => e
+  e.args.each {|arg| puts '[!] '.red + "#{e.reason.capitalize} for '#{arg}' option."}
+  puts option_parser
+rescue OptionParser::InvalidOption => e
+  puts '[!] '.red + "#{e}"
+  puts option_parser
+rescue Exception => e
+  puts "[x] ".red + "Unknown Exception: option parser"
+  puts '[!] '.yellow + 'Please report the issue at: https://github.com/KINGSABRI/jwtear/issues'.underline
+  puts e.backtrace
+  puts e.backtrace_locations
+  puts e
+end

data/jwtear.gemspec

@@ -0,0 +1,22 @@
+lib = File.expand_path("../lib", __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require "jwtear/version"
+
+Gem::Specification.new do |spec|
+  spec.name          = "jwtear"
+  spec.version       = JWTear::VERSION
+  spec.authors       = ["KING SABRI"]
+  spec.email         = ["king.sabri@gmail.com"]
+
+  spec.summary       = %q{JWTear, command-line tool and library to parse, create and manipulate JWT tokens for security testing purposes.}
+  spec.description   = %q{JWTear, command-line tool and library to parse, create and manipulate JWT tokens for security testing purposes.}
+  spec.homepage      = "https://github.com/KINGSABRI/jwtear"
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  spec.bindir        = "bin"
+  spec.executables   = ['jwtear']
+  spec.require_paths = ["lib"]
+
+  # spec.add_dependency ''
+end

data/lib/jwtear.rb

@@ -0,0 +1,24 @@
+# Standard libraries
+require 'base64'
+require 'json'
+require 'digest'
+require 'openssl'
+
+# JWTear
+require_relative 'jwtear/version'
+require_relative 'jwtear/errors'
+require_relative 'jwtear/extensions'
+require_relative 'jwtear/jwt'
+require_relative 'jwtear/utils'
+
+
+module  JWTear
+  include JWTear::Utils
+
+  String.class_eval do
+    include Extensions::Core::String
+  end
+  # NilClass.class_eval do
+  #   include Extensions::Core::NilClass
+  # end
+end

data/lib/jwtear/algorithms.rb

@@ -0,0 +1,82 @@
+module  JWTear
+
+  # Algorithms module contains all algorithms that are supported for this lib
+  # @Note if you are looking for production library, please use jwt gem
+  #
+  module Algorithms
+
+    # sha generates SHA signature
+    #
+    # @param data [String]
+    #   the data you want to encrypt or make signature for.
+    # @param alg [String]
+    #   the algorithm you want. @example: SHA256, SHA384, SHA512
+    # @param key [String]
+    #
+    # @return [String] SHA signature
+    #
+    def sha(data, alg, key)
+      raise AlgorithmRequiresKeyError if key.nil?
+      digit = /[[:digit:]]+/
+      OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha256'.sub(digit, alg[digit])), key, data)
+    end
+
+    # rsa generates RSA signature
+    #
+    # @param data [String]
+    #   the data you want to encrypt or make signature for.
+    # @param alg [String]
+    #   the algorithm you want. @example: RSA256, RSA384, RSA512
+    # @return [Hash]
+    #   of public_key, private_key and signature
+    #
+    def rsa(data, alg)
+      rsa_private = OpenSSL::PKey::RSA.generate(2048)
+      rsa_public  = @rsa_private.public_key
+      signature   = @rsa_private.sign(OpenSSL::Digest.new(alg.sub('RS', 'sha')), data)
+
+      {public_key: rsa_public, private_key: rsa_private, signature: signature}
+      # FIXME: need to sign using public key
+      # cert   = File.open('pub_cert.pem').read
+      # @public_key = OpenSSL::PKey::RSA.new(cert)
+      # raise 'Not a public certificate' unless public_key.public?
+    end
+
+    # ecdsa generates ESDSA signature
+    #
+    # @param data [String]
+    # @param alg [String]
+    # @return [String] of ESDSA signature
+    #
+    def ecdsa(data, alg)
+      # TODO:
+      #   - fixme
+      #   - support P-256 as SHA256
+      ecdsa_key = OpenSSL::PKey::EC.new('prime256v1')
+      ecdsa_key.generate_key
+      ecdsa_public = OpenSSL::PKey::EC.new(ecdsa_key)
+      ecdsa_public.private_key = nil
+    end
+
+    # Just None encryption
+    #
+    # @return [String]
+    #   empty string if none algorithm, yes it happens in JWT
+    def none
+      ''
+    end
+
+    # List of supported algorithms
+    #
+    # @return [Hash]
+    #
+    def supported_algorithms
+      {
+          SHA:   %w{HS256 HS384 HS512},
+          RSA:   %w{RS256 RS384 RS512},
+          ESDSA: %w{ES256 ES384 ES512}
+      }
+    end
+
+  end
+end

data/lib/jwtear/errors.rb

@@ -0,0 +1,5 @@
+module JWTear
+  # Algorithm Errors
+  class AlgorithmRequiresKeyError < TypeError; end
+  class AlgorithmUnknownError < Exception; end
+end

data/lib/jwtear/extensions.rb

@@ -0,0 +1,41 @@
+module JWTear
+  module Extensions
+    module Core
+      module String
+        def red; colorize(self, "\e[1m\e[31m"); end
+        def green; colorize(self, "\e[1m\e[32m"); end
+        def dark_green; colorize(self, "\e[32m"); end
+        def yellow; colorize(self, "\e[1m\e[33m"); end
+        def blue; colorize(self, "\e[1m\e[34m"); end
+        def dark_blue; colorize(self, "\e[34m"); end
+        def purple; colorize(self, "\e[35m"); end
+        def dark_purple; colorize(self, "\e[1;35m"); end
+        def cyan; colorize(self, "\e[1;36m"); end
+        def dark_cyan; colorize(self, "\e[36m"); end
+        def pure; colorize(self, "\e[0m\e[28m"); end
+        def underline; colorize(self, "\e[4m"); end
+        def bold; colorize(self, "\e[1m"); end
+        def colorize(text, color_code) "#{color_code}#{text}\e[0m" end
+      end
+
+      # module NilClass
+      #   def puts(type=nil, arg)
+      #     case type
+      #       when nil
+      #         puts arg
+      #       when :error
+      #         puts '[x] '.red + arg
+      #       when :warning
+      #         puts '[!] '.yellow + arg
+      #       when :success
+      #         puts '[x] '.green.bold + arg
+      #       when :status
+      #         puts '[x] '.green + arg
+      #       else
+      #         puts arg
+      #     end
+      #   end
+      # end
+    end
+  end
+end

data/lib/jwtear/jwt.rb

@@ -0,0 +1,117 @@
+require 'jwtear/algorithms'
+require 'jwtear/utils'
+
+module JWTear
+  class JWT
+    include JWTear::Extensions
+    include JWTear::Algorithms
+    include JWTear::Utils
+
+    # @!attribute [rw] token [String] generated or parsed token
+    # @!attribute [rw] header [String] generated or parsed header
+    # @!attribute [rw] payload [String] generated or parsed payload
+    attr_accessor :token, :header, :payload
+    # @!attribute [rw] alg [String] generated or parsed algorithm
+    # @!attribute [rw] key [String] given encryption key
+    # @!attribute [rw] data [String] given or parsed data
+    attr_accessor :alg, :key, :data
+    # @!attribute [r] json [JSON] given or parsed json
+    # @!attribute [r] hash [Hash] hash result of parsing given or generated json
+    attr_reader :json, :hash
+    # @!attribute [r] signature [String] generated or parsed signature
+    # @!attribute [r] rsa_private [String] generated private private key
+    # @!attribute [r] rsa_public [String] generated or given public key
+    attr_reader :signature, :rsa_private, :rsa_public
+
+    def initialize(token='')
+      @token = token
+      @key   = nil
+    end
+
+    # parse a given token.
+    #   The main use of it is to parse and initiate header, payload, type, alg, signature values
+    #
+    # @param token String
+    def parse(token=@token)
+      _token = token.split('.')
+      @header     = JSON.parse(Base64.urlsafe_decode64(_token[0]))
+      @type, @alg = @header['type'], @header['alg']
+      @payload    = JSON.parse(Base64.urlsafe_decode64(_token[1]))
+      @signature  = Base64.urlsafe_decode64(_token[2]) unless (_token[2].nil? or _token[2].empty?)
+      set_hash_and_json
+    end
+
+    # build the hash and Json format from the parsed or generated token
+    def set_hash_and_json
+      @json       = "#{@header.to_json}.#{@payload.to_json}.#{Base64.urlsafe_encode64(@signature, padding: false)}"
+      @hash       = {header: @header, payload: @payload, signature: Base64.urlsafe_encode64(@signature, padding: false)}
+    end
+
+    # generate signature
+    #
+    # @param data [String]. 'Base64.encode(header)'.'Base64.encode(payload)'>
+    # @param alg [String] supported algorithms: HS256 HS384, HS512, RS256, RS384, RS512, ES256, ES384, ES512
+    # @param key String
+    #
+    # @return [String] the generate signature
+    #
+    def generate_sig(data, alg, key)
+      begin
+        case alg
+          when /^HS/
+            @signature = sha(data, alg, key)
+          when /^RS/
+            rsa = rsa(data, alg)
+            @rsa_public  = rsa[:public_key]
+            @rsa_private = rsa[:private_key]
+            @signature   = rsa[:signature]
+          when /^ES/
+            ecdsa(data, alg)
+          when /none/i
+            none
+          else
+            raise AlgorithmUnknownError
+        end
+      rescue AlgorithmUnknownError
+        puts "[x] ".red + "algorithm cannot be nil, empty or unsupported, Use: '--alg ALGORITHM' option"
+        puts "[!] ".yellow   + 'Supported Algorithms:'
+        supported_algorithms.each_pair do |alg_key, alg_val|
+          puts alg_key, alg_val.map{|_alg| "  #{_alg}" }
+        end
+        exit!
+      rescue AlgorithmRequiresKeyError
+        puts "[x] ".red + "key cannot be nil or empty, Use: '--key SECRET_KEY' option"
+        exit!
+      rescue Exception => e
+        puts "[x] ".red + "Unknown Exception: generate_sig"
+        puts '[!] '.yellow + 'Please report the issue at: https://github.com/KINGSABRI/jwtear/issues'.underline
+        puts e
+        puts e.backtrace
+      end
+
+      self
+    end
+
+    # generate JWT token
+    #   by default, generate_token uses the given json header to detect the algorithm. But it also accept to ignore than
+    #   and force it to you another algorithm.
+    #
+    # @return [String] the generated token
+    #
+    def generate_token
+      @header    =  JSON.parse(@header)  unless @header.is_a?(Hash)
+      @payload   =  JSON.parse(@payload) unless @payload.is_a?(Hash)
+      @alg       = @header['alg'] if @alg.nil?
+      header    = Base64.urlsafe_encode64(@header.to_json, padding: false)
+      payload   = Base64.urlsafe_encode64(@payload.to_json, padding: false)
+      data      = "#{header}.#{payload}"
+      @signature = generate_sig(data, @alg, @key).signature
+      signature = encode(@signature)
+      token = [header, payload, signature].join('.')
+      parse(token)
+
+      token
+    end
+
+  end
+end

data/lib/jwtear/utils.rb

@@ -0,0 +1,31 @@
+module JWTear
+  module Utils
+
+    def encode(data)
+      Base64.urlsafe_encode64(data, padding: false)
+    end
+
+    def decode(data)
+      Base64.urlsafe_decode64(data)
+    end
+
+    def encode_header_payload(header, payload)
+      [header, payload].map {|part| encode part}.join('.')
+    end
+
+    # JWTear's logo
+    def self.banner
+      %Q{\n  888888 888       888 88888888888
+      "88b 888   o   888     888
+       888 888  d8b  888     888
+       888 888 d888b 888     888   .d88b.   8888b.  888d888
+       888 888d88888b888     888  d8P  Y8b     "88b 888P"
+       888 88888P Y88888     888  88888888 .d888888 888
+       88P 8888P   Y8888     888  Y8b.     888  888 888
+       888 888P     Y888     888   "Y8888  "Y888888 888
+     .d88P                                       v#{JWTear::VERSION}
+   .d88P"
+  888P"    }
+    end
+  end
+end

data/lib/jwtear/version.rb

@@ -0,0 +1,3 @@
+module JWTear
+  VERSION = "0.1.0"
+end

data/modules/bruteforce.rb

@@ -0,0 +1,39 @@
+module JWTear
+  module JWTModule
+
+    class BruteForce
+
+      attr_accessor :token
+      attr_accessor :word_list
+      def initialize(wordlist)
+        check_gem
+        @word_list = File.open(wordlist).
+                           each_line(chomp: true).
+                           map(&:strip).
+                           reject(&:nil?).
+                           reject(&:empty?).lazy
+        @token = nil
+      end
+
+      def check_gem
+        begin
+          require 'celluloid'
+        rescue LoadError
+          puts "[x] required gem is missing: please run the following"
+          puts "gem install celluloid"
+          exit 1
+        end
+      end
+
+      def options
+        "'Brute-force signature to get the 'Key/Password'. (required for generate-token and generate-sig)'"
+      end
+
+      def bruteforce
+        puts "I'm burtefocing now!!!!!"
+      end
+
+    end
+
+  end
+end

metadata

@@ -0,0 +1,62 @@
+--- !ruby/object:Gem::Specification
+name: jwtear
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- KING SABRI
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2018-01-10 00:00:00.000000000 Z
+dependencies: []
+description: JWTear, command-line tool and library to parse, create and manipulate
+  JWT tokens for security testing purposes.
+email:
+- king.sabri@gmail.com
+executables:
+- jwtear
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- bin/jwtear
+- jwtear.gemspec
+- lib/jwtear.rb
+- lib/jwtear/algorithms.rb
+- lib/jwtear/errors.rb
+- lib/jwtear/extensions.rb
+- lib/jwtear/jwt.rb
+- lib/jwtear/utils.rb
+- lib/jwtear/version.rb
+- modules/bruteforce.rb
+homepage: https://github.com/KINGSABRI/jwtear
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.6.13
+signing_key: 
+specification_version: 4
+summary: JWTear, command-line tool and library to parse, create and manipulate JWT
+  tokens for security testing purposes.
+test_files: []