Giters

blackberry / jwt-editor

A Burp Suite extension and standalone application for creating and editing JSON Web Tokens. This tool supports signing and verification of JWS, encryption and decryption of JWE and automation of several well-known attacks against applications that consume JWT.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

JSON Web Token tab disappears after application of "none" Signing Algorithm Attack

DolphFlynn opened this issue · comments

commented
  • Steps to reproduce:
    1. Send request with valid JWT to Repeater within Burp
    2. Select 'JSON Web Token' tab
    3. Click 'Attack'
    4. Select "none" Signing Algorithm
    5. Select Raw tab
    6. Select 'JSON Web Token' tab
  • Expected result: 'JSON Web Token' tab reappears
  • Actual result: 'JSON Web Token' tab disappears from tab list