Skip to content

noraj/flask-session-cookie-manager

BranchesTags

Repository files navigation

Flask Session Cookie Decoder/Encoder

Build Status Build Status Rawsec's CyberSecurity Inventory GitHub top language GitHub license

Original author : Wilson Sumanang

Fixes and improvements author : Alexandre ZANNI

Imported from saruberoz.github.io

Depencencies

Installation

Package

Packaging status

BlackArch Linux

pacman -S flask-session-cookie-manager{3,2}

Git

ArchLinux

Both python3 and python2:

git clone https://github.com/noraj/flask-session-cookie-manager.git && cd flask-session-cookie-manager makepkg -sic

Other distros

Find your way with your package manager, use pip in a virtual environment or use pyenv.

Eg.

git clone https://github.com/noraj/flask-session-cookie-manager.git && cd flask-session-cookie-manager python -m venv venv source venv/bin/activate python -m pip install .

Usage

Use flask_session_cookie_manager3.py with Python 3 and flask_session_cookie_manager2.py with Python 2.

usage: flask_session_cookie_manager{2,3}.py [-h] {encode,decode} ... Flask Session Cookie Decoder/Encoder positional arguments: {encode,decode} sub-command help encode encode decode decode optional arguments: -h, --help show this help message and exit

Encode

usage: flask_session_cookie_manager{2,3}.py encode [-h] -s <string> -t <string> optional arguments: -h, --help show this help message and exit -s <string>, --secret-key <string> Secret key -t <string>, --cookie-structure <string> Session cookie structure

Decode

usage: flask_session_cookie_manager{2,3}.py decode [-h] [-s <string>] -c <string> optional arguments: -h, --help show this help message and exit -s <string>, --secret-key <string> Secret key -c <string>, --cookie-value <string> Session cookie value

Examples

Encode

$ python{2,3} flask_session_cookie_manager{2,3}.py encode -s '.{y]tR&sp&77RdO~u3@XAh#TalD@Oh~yOF_51H(QV};K|ghT^d' -t '{"number":"326410031505","username":"admin"}' eyJudW1iZXIiOnsiIGIiOiJNekkyTkRFd01ETXhOVEExIn0sInVzZXJuYW1lIjp7IiBiIjoiWVdSdGFXND0ifX0.DE2iRA.ig5KSlnmsDH4uhDpmsFRPupB5Vw

Note: the session cookie structure must be a valid python dictionary

Decode

With secret key:

$ python{2,3} flask_session_cookie_manager{2,3}.py decode -c 'eyJudW1iZXIiOnsiIGIiOiJNekkyTkRFd01ETXhOVEExIn0sInVzZXJuYW1lIjp7IiBiIjoiWVdSdGFXND0ifX0.DE2iRA.ig5KSlnmsDH4uhDpmsFRPupB5Vw' -s '.{y]tR&sp&77RdO~u3@XAh#TalD@Oh~yOF_51H(QV};K|ghT^d' {u'username': 'admin', u'number': '326410031505'}

Without secret key (less pretty output):

$ python{2,3} flask_session_cookie_manager{2,3}.py decode -c 'eyJudW1iZXIiOnsiIGIiOiJNekkyTkRFd01ETXhOVEExIn0sInVzZXJuYW1lIjp7IiBiIjoiWVdSdGFXND0ifX0.DE2iRA.ig5KSlnmsDH4uhDpmsFRPupB5Vw' {"number":{" b":"MzI2NDEwMDMxNTA1"},"username":{" b":"YWRtaW4="}}

About

🍪 Flask Session Cookie Decoder/Encoder

noraj.github.io/flask-session-cookie-manager/

Topics

flask tool cookie encoder decoder pentest offensive-security

Resources

Readme

License

MIT license
Activity

Stars

740 stars

Watchers

7 watching

Forks

90 forks
Report repository

Releases 2

1.2.2 Latest
Jan 2, 2025
+ 1 release

Sponsor this project

  •  
Learn more about GitHub Sponsors

Contributors 3

  •  
  •  
  •  

Languages