Skip to content
/ CVE-2022-21449 Public

repo showcasing generating "psychic signatures for java" implemented in a nodejs environment πŸ˜…

neilmadden.blog/2022/04/19/psychic-signatures-in-java/
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

davwwwx/CVE-2022-21449

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

3 Commits
.gitignore
.gitignore
Β 
Β 
README.md
README.md
Β 
Β 
index.js
index.js
Β 
Β 
package-lock.json
package-lock.json
Β 
Β 
package.json
package.json
Β 
Β 
run.png
run.png
Β 
Β 

Repository files navigation

CVE-2022-21449

repo showcasing generation of a base64 signature for applications that are vulnerable to "psychic signatures in java", implemented in a nodejs environment πŸ˜…

Before running make sure to install the modified fork of elliptic from https://github.com/davwwwx/elliptic

$ npm install

Generate the signature

$ node index.js

PoC

Get an example vulnerable application from DataDog/security-labs-pocs - https://github.com/DataDog/security-labs-pocs/tree/main/proof-of-concept-exploits/jwt-null-signature-vulnerable-app

About

repo showcasing generating "psychic signatures for java" implemented in a nodejs environment πŸ˜…

neilmadden.blog/2022/04/19/psychic-signatures-in-java/

Topics

cve-2022-21449

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Languages