Flask Session Cookie Manager : Flask Session Cookie Decoder/Encoder

Flask Session Cookie Decoder/Encoder.

Dependencies

Installation

  • BlackArch Linux

# pacman -S flask-session-cookie-manager{3,2}

Git

  • ArchLinux

Both python3 etn python2:

$ git clone https://github.com/noraj/flask-session-cookie-manager.git && cd flask-session-cookie-manager
# makepkg -sic

Other Distros

Find your way with your package manager, use pip in a virtual environment or use pyenv.

Eg.

$ git clone https://github.com/noraj/flask-session-cookie-manager.git && cd flask-session-cookie-manager
$ python -m venv venv
$ source venv/bin/activate
$ python setup.py install

Usage

Use flask_session_cookie_manager3.py with Python 3 and flask_session_cookie_manager2.py with Python 2.

Usage: flask_session_cookie_manager{2,3}.py [-h] {encode,decode} …

Flask Session Cookie Decoder/Encoder

Positional Arguments:
{encode,decode} sub-command help
encode encode
decode decode

Optional Arguments:
-h, –help show this help message and exit

  • Encode

Usage: flask_session_cookie_manager{2,3}.py encode [-h] -s -t

Optional Arguments:
-h, –help show this help message and exit
-s , –secret-key
Secret key
-t , –cookie-structure
Session cookie structure

  • Decode

Usage: flask_session_cookie_manager.py decode [-h] [-s ] -c

Optional Arguments:
-h, –help show this help message and exit
-s , –secret-key
Secret key
-c , –cookie-value
Session cookie value

Examples

  • Encode

$ python{2,3} flask_session_cookie_manager{2,3}.py encode -s ‘.{y]tR&sp&77RdO~u3@XAh#TalD@Oh~yOF_51H(QV};K|ghT^d’ -t ‘{“number”:”326410031505″,”username”:”admin”}’ eyJudW1iZXIiOnsiIGIiOiJNekkyTkRFd01ETXhOVEExIn0sInVzZXJuYW1lIjp7IiBiIjoiWVdSdGFXND0ifX0.DE2iRA.ig5KSlnmsDH4uhDpmsFRPupB5Vw

Note: the session cookie structure must be a valid python dictionary

Decode

  • With secret key:

$ python{2,3} flask_session_cookie_manager{2,3}.py decode -c ‘eyJudW1iZXIiOnsiIGIiOiJNekkyTkRFd01ETXhOVEExIn0sInVzZXJuYW1lIjp7IiBiIjoiWVdSdGFXND0ifX0.DE2iRA.ig5KSlnmsDH4uhDpmsFRPupB5Vw’ -s ‘.{y]tR&sp&77RdO~u3@XAh#TalD@Oh~yOF_51H(QV};K|ghT^d’ {u’username’: ‘admin’, u’number’: ‘326410031505’}

  • Without secret key (less pretty output):

$ python{2,3} flask_session_cookie_manager{2,3}.py decode -c ‘eyJudW1iZXIiOnsiIGIiOiJNekkyTkRFd01ETXhOVEExIn0sInVzZXJuYW1lIjp7IiBiIjoiWVdSdGFXND0ifX0.DE2iRA.ig5KSlnmsDH4uhDpmsFRPupB5Vw’ {“number”:{” b”:”MzI2NDEwMDMxNTA1″},”username”:{” b”:”YWRtaW4=”}}

R K

Recent Posts

garak, LLM Vulnerability Scanner : The Comprehensive Tool For Assessing Language Model Security

garak checks if an LLM can be made to fail in a way we don't…

2 days ago

Vermilion : Mastering Linux Post-Exploitation For Red Team Success

Vermilion is a simple and lightweight CLI tool designed for rapid collection, and optional exfiltration…

2 days ago

AD-CS-Forest-Exploiter : Mastering Security Through PowerShell For AD CS Misconfiguration

ADCFFS is a PowerShell script that can be used to exploit the AD CS container…

2 days ago

Usage Of Tartufo – A Comprehensive Guide To Securing Your Git Repositories

Tartufo will, by default, scan the entire history of a git repository for any text…

2 days ago

Loco : A Rails-Inspired Framework For Rust Developers

Loco is strongly inspired by Rails. If you know Rails and Rust, you'll feel at…

3 days ago

Monolith : The Ultimate Tool For Storing Entire Web Pages As Single HTML Files

A data hoarder’s dream come true: bundle any web page into a single HTML file.…

3 days ago