Jump to content
Kok

Want to know if there is a file we can predict for key id in JSON Web Token

Recommended Posts

I have JWT token and I want to modify the key id field. Kid field can be used for local files. I had verfied that /etc/passwd can be used but I don't know the content.

So I want to know some files that I can predict the content. The target website have 127.0.0.1/__sinatra__/404.png which I can download that png file. But I don't know the absolute path for that file.

Does anyone know the solution of my problem.? Please help me.

Share this post


Link to post
Share on other sites

If you can fingerprint the distro to one of the Debian varients, check /etc/debian_version or something like that, there are only a small number of possible values for that file.

/etc/shells is probably also fairly fixed.

Share this post


Link to post
Share on other sites

digininja , Thanks for your answer.

I found that debian version may be 3 or 4 or around them . Can I know all possible contents of /etc/debian_version of debian 3 and 4 .

Share this post


Link to post
Share on other sites

Yes you can know them.

Access a few Debian boxes and checkout the file contents, you should then be able to make a fairly good prediction of the contents of the file.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...