## https://sploitus.com/exploit?id=DABB81F8-B135-5BB3-A657-89F3AFF9423D
# CVE-2022-21449
repo showcasing generation of a base64 signature for applications that are vulnerable to "psychic signatures in java", implemented in a nodejs environment ๐
Before running make sure to install the modified fork of elliptic from https://github.com/davwwwx/elliptic
```BASH
$ npm install
```
Generate the signature
```BASH
$ node index.js
```
Get an example vulnerable application from DataDog/security-labs-pocs - [https://github.com/DataDog/security-labs-pocs/tree/main/proof-of-concept-exploits/jwt-null-signature-vulnerable-app](https://github.com/DataDog/security-labs-pocs/tree/main/proof-of-concept-exploits/jwt-null-signature-vulnerable-app)