Code Monkey home page Code Monkey logo

flask-session-cookie-manager's Introduction

Flask Session Cookie Decoder/Encoder

Build Status Build Status Rawsec's CyberSecurity Inventory GitHub top language GitHub license

Original author : Wilson Sumanang

Fixes and improvements author : Alexandre ZANNI

Imported from saruberoz.github.io

Depencencies

Installation

Package

Packaging status

BlackArch Linux

# pacman -S flask-session-cookie-manager{3,2}

Git

ArchLinux

Both python3 etn python2:

$ git clone https://github.com/noraj/flask-session-cookie-manager.git && cd flask-session-cookie-manager
# makepkg -sic

Other distros

Find your way with your package manager, use pip in a virtual environment or use pyenv.

Eg.

$ git clone https://github.com/noraj/flask-session-cookie-manager.git && cd flask-session-cookie-manager
$ python -m venv venv
$ source venv/bin/activate
$ python setup.py install

Usage

Use flask_session_cookie_manager3.py with Python 3 and flask_session_cookie_manager2.py with Python 2.

usage: flask_session_cookie_manager{2,3}.py [-h] {encode,decode} ...

Flask Session Cookie Decoder/Encoder

positional arguments:
  {encode,decode}  sub-command help
    encode         encode
    decode         decode

optional arguments:
  -h, --help       show this help message and exit

Encode

usage: flask_session_cookie_manager{2,3}.py encode [-h] -s <string> -t <string>

optional arguments:
  -h, --help            show this help message and exit
  -s <string>, --secret-key <string>
                        Secret key
  -t <string>, --cookie-structure <string>
                        Session cookie structure

Decode

usage: flask_session_cookie_manager{2,3}.py decode [-h] [-s <string>] -c <string>

optional arguments:
  -h, --help            show this help message and exit
  -s <string>, --secret-key <string>
                        Secret key
  -c <string>, --cookie-value <string>
                        Session cookie value

Examples

Encode

$ python{2,3} flask_session_cookie_manager{2,3}.py encode -s '.{y]tR&sp&77RdO~u3@XAh#TalD@Oh~yOF_51H(QV};K|ghT^d' -t '{"number":"326410031505","username":"admin"}'
eyJudW1iZXIiOnsiIGIiOiJNekkyTkRFd01ETXhOVEExIn0sInVzZXJuYW1lIjp7IiBiIjoiWVdSdGFXND0ifX0.DE2iRA.ig5KSlnmsDH4uhDpmsFRPupB5Vw

Note: the session cookie structure must be a valid python dictionary

Decode

With secret key:

$ python{2,3} flask_session_cookie_manager{2,3}.py decode -c 'eyJudW1iZXIiOnsiIGIiOiJNekkyTkRFd01ETXhOVEExIn0sInVzZXJuYW1lIjp7IiBiIjoiWVdSdGFXND0ifX0.DE2iRA.ig5KSlnmsDH4uhDpmsFRPupB5Vw' -s '.{y]tR&sp&77RdO~u3@XAh#TalD@Oh~yOF_51H(QV};K|ghT^d'
{u'username': 'admin', u'number': '326410031505'}

Without secret key (less pretty output):

$ python{2,3} flask_session_cookie_manager{2,3}.py decode -c 'eyJudW1iZXIiOnsiIGIiOiJNekkyTkRFd01ETXhOVEExIn0sInVzZXJuYW1lIjp7IiBiIjoiWVdSdGFXND0ifX0.DE2iRA.ig5KSlnmsDH4uhDpmsFRPupB5Vw'
{"number":{" b":"MzI2NDEwMDMxNTA1"},"username":{" b":"YWRtaW4="}}

flask-session-cookie-manager's People

Contributors

dalepotter avatar noraj avatar tabdiukov avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

testanull mrtaheramine kp625544 anntsmart fortunec00kie style-404 jumbo-wjb marcostolosa peytonhenderson hotitanxiao me-jatin yogistudio kingking888 saucer-man josh-00ff00 anquanzhu mengsec2016 shad0w008 mouse12345616 851579181 yuzhejk landr-liyunlong bigboatcap kevinbruce2018 5l1v3r1 mmg1 stdchi sec-js rajivraj hollow667 mossygr 1cep3ak ruanyr devil8123665 amgaryge ishao666 fdlucifer scriptkiddlepyh tefuir72 lk2633 0xbadca7 sm1rk322 functfan leasonj hmilkovi sectestt qianniaoge borny444 d3do-23 chixxx sasecio gocyiv dalepotter fikroyy mihailpasuhin kush412 b1u3s kenuoseclab b0j1 jackpot777 y1nglamore yueywh1 etxxlq lonewolf1927 sala2000 hissec simon-bruklich babywyrm todaygood gaogaostone lilslolw synacksecuk excloudx6 darkfirestorm bbest1365 ghcjsnb kcruz24 zhuzhouhao iq-scm allblue147 gitaostitto marubewoods valecia2023 pupulit wanna1114 yeshuibo p0keeper gysf666 geniusdd30

flask-session-cookie-manager's Issues

Question regarding decoding and encoding

Hi. I successfully decoded a test cookie and the result was as follows :

  1. b'{"_fresh":true,"_id":{" b":"SOMEVALUES="},"csrf_token":{" b":"SOMEVALUES=="},"user_id":"SOMEINT"}'

However, when I try to re-encode it, following error occurred :

error: unrecognized arguments: b_id:{ b:SOMEVALUES=} bcsrf_token:{ b:SOMEVALUES==} buser_id:SOMEINT

I removed the "b" values like below

  1. {"_fresh":true,"_id":{" b":"SOMEVALUES="},"csrf_token":{" b":"SOMEVALUES=="},"user_id":"SOMEINT"}

However, this does not give me exact cookie value that I input in decoding stage.

How can I reproduce the same cookie with value from 1. ?

Thank you

My late response

Hey! Sorry for a late response, I was busy with exams.

Sadly, as for Python 2, I have no idea what needs to be done.

Mind you publish code onto Pypi? Thanks

I also noticed you've done substantial changes to the code! Great? How sure if its a bug or not (if it is, it's probably some of my mistakes), but for Python 3.6+, when trying to decode, it returns bytestream, not String

thanks

Provide encoding option without secret key

Hey,
nice tool, one little request:
At the moment it is not possible to encode the cookie without a secret key, if you provide an empty -s '' parameter you will receive an error:
[Encoding error] 'NoneType' object has no attribute 'dumps'

would be nice if you implement this.

Thanks & BR,
Sec77

My flask app set secret_key, but it can still decode without key.

This is code from app.py:

app.config["SECRET_KEY"] = str(random.random())

And when i run this cmd:

python flask_session_cookie_manager3.py decode -c ".eJyrVipOTS5KLclLzE1VslKKKTUzN0qMKTU3TzUFkqZGFkARI2NzEwszAyUdpdLi1CK4StM0AyOgrEGacUypSapJEpBtmmyqVAsAQfAZaA.Yay2mA.Q51Q7QbVLWIssD3Pfv63Bu4czL0"

(The session content is from web cookie)

It still work! And i can see what I've just set on my server.

Who know why? Strongly thanks.

[Encoding error] malformed node or string

I used this repo to encode a cookie using your demo:

python flask_session_cookie_manager3.py encode -s '.{y]tR&sp&77RdO~u3@XAh#TalD@Oh~yOF_51H(QV};K|ghT^d' -t '{"number":"326410031505","username":"admin"}'

But, unfortunately, it didn't work, and gave this error:

python flask_session_cookie_manager3.py encode -s '.{y]tR&sp&77RdO~u3@XAh#TalD@Oh~yOF_51H(QV};K|ghT^d' -t '{"number":"326410031505","username":"admin"}'
[Encoding error] malformed node or string: <ast.Name object at 0x00000210548ECBE0>

I'm using Windows 11 with python==3.9.13, itsdangerous==2.0.1, flask==1.1.2.

Any advice?

dict ERROR , python 3.9.5

ERRO:[Encoding error] dictionary update sequence element #0 has length 1; 2 is required

Payload:python flask_session_cookie_manager3.py encode -s 'Imposs1bl3_Br0!_!H0uuD0uFXXXXXXXXX' -t '{"role":"admin"}'

python --version
Python 3.9.5

pip list is below
Package Version

blinker 1.7.0
click 8.1.7
colorama 0.4.6
flask 3.0.2
flask-session-cookie-manager 1.2.1.1
importlib-metadata 7.0.1
itsdangerous 2.1.2
jinja2 3.1.3
markupsafe 2.1.5
pip 21.1.1
setuptools 56.0.0
werkzeug 3.0.1
zipp 3.17.0

Action Required: Fix Renovate Configuration

There is an error with this repository's Renovate configuration that needs to be fixed. As a precaution, Renovate will stop PRs until it is resolved.

Error type: undefined. Note: this is a nested preset so please contact the preset author if you are unable to fix it yourself.

py3 运行出错

你好,在py3.9的环境下,运行报错:[Encoding error] dictionary update sequence element #0 has length 1; 2 is required

可以看下是什么问题么,非常感谢

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.