istio.io/istio@v0.0.0-20240520182934-d79c90f27776/tests/integration/security/fuzz/fuzzers/jwt_tool/jwtconf.ini

istio.io/istio@v0.0.0-20240520182934-d79c90f27776/tests/integration/security/fuzz/fuzzers/jwt_tool/jwtconf.ini (about)

     1  [crypto]
     2  # The sample RSA public and private keys are used to generate different tokens for testing. They can be simply generated
     3  # with the command `make -f tools/certs/Makefile.selfsigned.mk sample-RSA`.
     4  pubkey = sample-RSA-public.pem
     5  privkey = sample-RSA-private.pem
     6  jwks =
     7  
     8  [services]
     9  jwt_tool_version = 2.2.3
    10  # To disable the proxy option set this value to: False (no quotes)
    11  proxy = False
    12  # Set this to the URL you are hosting your custom JWKS file - your own server, or maybe use this cheeky reflective URL (https://httpbin.org/base64/{base64-encoded_JWKS_here})
    13  jwksloc =
    14  # Set this to the base URL of a Collaborator server, somewhere you can read live logs, a Request Bin etc.
    15  httplistener =
    16  
    17  [customising]
    18  useragent = Mozilla/5.0 (Windows NT 10.0; Win64; x64) jwt_tool
    19  
    20  [input]
    21  wordlist = jwt-common.txt
    22  commonHeaders = common-headers.txt
    23  commonPayloads = common-payloads.txt
    24  
    25  [argvals]
    26  # Set at runtime - changes here are ignored
    27  sigType =
    28  targetUrl =
    29  cookies =
    30  key =
    31  keyList =
    32  keyFile =
    33  headerLoc =
    34  payloadclaim =
    35  headerclaim =
    36  payloadvalue =
    37  headervalue =
    38  canaryvalue =
    39  header =
    40  exploitType =
    41  scanMode =
    42  reqMode =
    43  postData =
    44  resCode =
    45  resSize =
    46  resContent =