-
Notifications
You must be signed in to change notification settings - Fork 33
/
CHANGELOG
44 lines (35 loc) · 1.42 KB
/
CHANGELOG
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
jwtxploiter v1.2.1
FIXED
* FileNotFoundError when passing non existing key file to -k/--key #10
ADDED
* Quiet option to suppress warnings and colored output, keeping only the crafted token
ENANCHEMENT
* Added methods to spped up format conversions (der, pem, int)
* Algorithm now is not required anymore for verifying operations
jwtxploiter v1.2
FIXED
* AttirubuteError if jwks file does not contain the verifier key #8
* JWKS file not properly generated #7
* Installation script may miss to install requirements #2 closed by @Auror007
IMPLEMENTED
+ CVE 2020-28042 null signature
ENANCHEMENT
* Dropped off pyOpenSSL dependency
* Dropped usage of subprocess to internal python methods
* Improved --auto-try efficency
* Certificates generation now use cryptography library
jwtxploiter v1.1
FIXED
* x5u functions was not converting public numbers to base64
* generating jwk was not converting public numbers to base64
IMPLEMENTED
+ Added feature for dump generated key
+ Merged --complex-payload functionality in --payload (--complex-payload is always avaiable but is deprecated)
+ Added feature to verify a token against a JWKS file
ENANCHEMENT
* Wiki updated
* Docstrings corrections
-- Andrea Tedeschi <andrea.tedeschi@andreatedeschi.uno> Sun, 07 Feb 2021 08:39:41 +0000
jwtxploiter v1.0
+ Initial release
-- Andrea Tedeschi <andrea.tedeschi@andreatedeschi.uno> Tue, 02 Feb 2021 13:35:49 +0000