Last active
October 20, 2025 22:17
-
-
Save typhonius/ab6658dc4956c5c9319b2751b39c8c6f to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function when() { | |
| if [ $# -eq 0 ]; then | |
| echo "Usage: when <unix_timestamp>" | |
| return 1 | |
| fi | |
| date -r $1 | |
| } | |
| urlsafe_b64decode() { | |
| local data=${1//_/\/} | |
| data=${data//-/+} | |
| # Add padding (the == at the end) | |
| local mod4=$((${#data} % 4)) | |
| if [[ $mod4 -eq 2 ]]; then data="$data==" | |
| elif [[ $mod4 -eq 3 ]]; then data="$data=" | |
| fi | |
| echo "$data" | base64 -D 2> /dev/null | jq . | |
| } | |
| # Function to unpack JWT | |
| jwt() { | |
| if [ $# -eq 0 ]; then | |
| echo "Usage: unpack_jwt <JWT>" | |
| return 1 | |
| fi | |
| local jwt="$1" | |
| # Decode JWT parts | |
| IFS='.' read -r header payload signature <<< "$jwt" | |
| if [ -z "$header" ] || [ -z "$payload" ] || [ -z "$signature" ]; then | |
| echo "Invalid JWT format" | |
| return 1 | |
| fi | |
| # Decode and pretty print each part | |
| local decoded_header=$(urlsafe_b64decode "$header") | |
| local decoded_payload=$(urlsafe_b64decode "$payload") | |
| echo "Header:" | |
| echo "$decoded_header" | jq --color-output | |
| echo "\nPayload:" | |
| echo "$decoded_payload" | jq --color-output | |
| # Extract and convert timestamps if they exist in payload | |
| local exp=$(echo "$decoded_payload" | jq -r '.exp // empty') | |
| local iat=$(echo "$decoded_payload" | jq -r '.iat // empty') | |
| if [[ -n "$iat" ]]; then | |
| echo "\nIssued At:" | |
| when $iat | |
| fi | |
| if [[ -n "$exp" ]]; then | |
| echo "\nExpiration Time:" | |
| when $exp | |
| fi | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment