Recover the RSA public key from two RS256 /RS384/RS512 JWTs signed by the same key — no public key needed. Computes gcd(s₁ᵉ−m₁, s₂ᵉ−m₂) to factor out the modulus, then hands off to the JWT Editor for RS→HS algorithm-confusion forgery. Runs entirely in your browser.
e=65537 keys runs a GCD over two ~16 MB integers entirely in your browser and typically takes 2–4 minutes (small e=3 keys are instant). It runs in a Web Worker, so this page stays responsive — leave the tab open. Nothing is uploaded.marduc812
2026