CVE-2022-39227 PoC — python-jwt 安全漏洞

Source

https://github.com/NoSpaceAvailable/CVE-2022-39227

Associated Vulnerability

Title:python-jwt 安全漏洞 (CVE-2022-39227)
Description:python-jwt是David Halls个人开发者的一个用于生成和验证 JSON Web 令牌的 Python 模块。 python-jwt 3.3.4之前版本存在安全漏洞，该漏洞源于受到欺骗绕过身份验证的影响，从而导致身份欺骗、会话劫持或绕过身份验证。

Description

A working POC found while doing a HTB challenge. Original: https://github.com/user0x1337/CVE-2022-39227

Readme

This repo belongs to https://github.com/user0x1337/CVE-2022-39227 I just copy it

File Snapshot


 [4.0K]  /data/pocs/cb6855ed52d968c244499ad15c0e7bddf2d37f5b
├── [4.0K]  POC
│   └── [4.0K]  CVE-2022-39227
│       ├── [2.1K]  cve_2022_39227.py
│       ├── [2.1K]  cve_2022_39227.py.save
│       ├── [ 34K]  LICENSE
│       └── [1.4K]  README.md
└── [  81]  README.md

2 directories, 5 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!