Awesome Open Source
Awesome Open Source

Flask Session Cookie Decoder/Encoder

Build Status Build Status Rawsec's CyberSecurity Inventory GitHub top language GitHub license

Original author : Wilson Sumanang

Fixes and improvements author : Alexandre ZANNI

Imported from saruberoz.github.io

Depencencies

Installation

Package

Packaging status

BlackArch Linux

# pacman -S flask-session-cookie-manager{3,2}

Git

ArchLinux

Both python3 etn python2:

$ git clone https://github.com/noraj/flask-session-cookie-manager.git && cd flask-session-cookie-manager
# makepkg -sic

Other distros

Find your way with your package manager, use pip in a virtual environment or use pyenv.

Eg.

$ git clone https://github.com/noraj/flask-session-cookie-manager.git && cd flask-session-cookie-manager
$ python -m venv venv
$ source venv/bin/activate
$ python setup.py install

Usage

Use flask_session_cookie_manager3.py with Python 3 and flask_session_cookie_manager2.py with Python 2.

usage: flask_session_cookie_manager{2,3}.py [-h] {encode,decode} ...

Flask Session Cookie Decoder/Encoder

positional arguments:
  {encode,decode}  sub-command help
    encode         encode
    decode         decode

optional arguments:
  -h, --help       show this help message and exit

Encode

usage: flask_session_cookie_manager{2,3}.py encode [-h] -s <string> -t <string>

optional arguments:
  -h, --help            show this help message and exit
  -s <string>, --secret-key <string>
                        Secret key
  -t <string>, --cookie-structure <string>
                        Session cookie structure

Decode

usage: flask_session_cookie_manager.py decode [-h] [-s <string>] -c <string>

optional arguments:
  -h, --help            show this help message and exit
  -s <string>, --secret-key <string>
                        Secret key
  -c <string>, --cookie-value <string>
                        Session cookie value

Examples

Encode

$ python{2,3} flask_session_cookie_manager{2,3}.py encode -s '.{y]tR&sp&[email protected]#[email protected]~yOF_51H(QV};K|ghT^d' -t '{"number":"326410031505","username":"admin"}'
eyJudW1iZXIiOnsiIGIiOiJNekkyTkRFd01ETXhOVEExIn0sInVzZXJuYW1lIjp7IiBiIjoiWVdSdGFXND0ifX0.DE2iRA.ig5KSlnmsDH4uhDpmsFRPupB5Vw

Note: the session cookie structure must be a valid python dictionary

Decode

With secret key:

$ python{2,3} flask_session_cookie_manager{2,3}.py decode -c 'eyJudW1iZXIiOnsiIGIiOiJNekkyTkRFd01ETXhOVEExIn0sInVzZXJuYW1lIjp7IiBiIjoiWVdSdGFXND0ifX0.DE2iRA.ig5KSlnmsDH4uhDpmsFRPupB5Vw' -s '.{y]tR&sp&[email protected]#[email protected]~yOF_51H(QV};K|ghT^d'
{u'username': 'admin', u'number': '326410031505'}

Without secret key (less pretty output):

$ python{2,3} flask_session_cookie_manager{2,3}.py decode -c 'eyJudW1iZXIiOnsiIGIiOiJNekkyTkRFd01ETXhOVEExIn0sInVzZXJuYW1lIjp7IiBiIjoiWVdSdGFXND0ifX0.DE2iRA.ig5KSlnmsDH4uhDpmsFRPupB5Vw'
{"number":{" b":"MzI2NDEwMDMxNTA1"},"username":{" b":"YWRtaW4="}}

Get A Weekly Email With Trending Projects For These Topics
No Spam. Unsubscribe easily at any time.
Python (1,140,932
Flask (10,007
Tool (6,441
Pentest (644
Decoder (561
Cookie (545
Encoder (539
Offensive Security (179
Related Projects