1""" Flask Session Cookie Decoder/Encoder """
2__author__ = 'Wilson Sumanang, Alexandre ZANNI'
3
4# standard imports
5import sys
6import zlib
7from itsdangerous import base64_decode
8import ast
9
10# Lib for argument parsing
11import argparse
12
13# Description for help
# Command-line interface with two sub-commands: `encode` and `decode`.
parser = argparse.ArgumentParser(
    description='Flask Session Cookie Decoder/Encoder',
    epilog="Author : Wilson Sumanang, Alexandre ZANNI",
)

# The name of the chosen sub-command is stored in args.subcommand.
subparsers = parser.add_subparsers(dest='subcommand', help='sub-command help')

# NOTE: a key given with -s/--secret-key is an ordinary argv value, so it can
# end up in shell history and is visible in the process list while this runs.

# encode: both the secret key and the cookie structure are mandatory.
parser_encode = subparsers.add_parser('encode', help='encode')
parser_encode.add_argument(
    '-s', '--secret-key',
    required=True, metavar='<string>', help='Secret key',
)
parser_encode.add_argument(
    '-t', '--cookie-structure',
    required=True, metavar='<string>', help='Session cookie structure',
)

# decode: only the cookie value is mandatory; the secret key is optional.
parser_decode = subparsers.add_parser('decode', help='decode')
parser_decode.add_argument(
    '-s', '--secret-key',
    required=False, metavar='<string>', help='Secret key',
)
parser_decode.add_argument(
    '-c', '--cookie-value',
    required=True, metavar='<string>', help='Session cookie value',
)

# Parsing runs at module level, i.e. as soon as the file is executed.
args = parser.parse_args()
37
38# external Imports
39from flask.sessions import SecureCookieSessionInterface
40
41
class MockApp(object):
    """Minimal stand-in for a Flask application object.

    It carries only ``secret_key``, the one attribute this script sets before
    passing the object to ``get_signing_serializer``.
    """
    # NOTE(review): the serializer factory may read further attributes of the
    # app object depending on the installed Flask version -- confirm.

    def __init__(self, secret_key):
        # Key handed to the session signing serializer.
        self.secret_key = secret_key
46
47
def session_cookie_encoder(secret_key, session_cookie_structure):
    """Build a signed Flask session cookie from a Python-literal string.

    ``session_cookie_structure`` is parsed with ``ast.literal_eval`` (literals
    only, nothing is executed), converted to a dict, and serialized with the
    signing serializer that ``SecureCookieSessionInterface`` returns for an
    app object holding ``secret_key``.

    Returns the serializer's output on success. Any exception is caught and
    reported as the string ``"[Encoding error]<message>"`` instead of being
    raised, so a caller has to check for that prefix to detect failure.
    """
    try:
        mock_app = MockApp(secret_key)

        parsed_literal = ast.literal_eval(session_cookie_structure)
        session_data = dict(parsed_literal)

        serializer = SecureCookieSessionInterface().get_signing_serializer(mock_app)
        return serializer.dumps(session_data)
    except Exception as e:
        # Deliberate catch-all: the error text is returned for printing.
        return "[Encoding error]{}".format(e)
60
61
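def session_cookie_decoder(session_cookie_value, secret_key=None):
    """Decode a Flask session cookie, with or without the secret key.

    Without ``secret_key`` the cookie is only unpacked: the first
    dot-separated field is base64-decoded and, when the cookie starts with
    ``.``, zlib-decompressed. No signature check happens in this mode, so the
    result is unauthenticated data: it shows what the cookie claims, not
    what the server issued. That the payload is readable without the key is
    inherent to the format (the cookie is signed, not encrypted), so session
    data should never hold secrets.

    With ``secret_key`` the cookie is loaded through the signing serializer
    obtained from ``SecureCookieSessionInterface``; a cookie the serializer
    refuses surfaces as a decoding error string.

    Returns the decoded payload (the raw decoded bytes in key-less mode, the
    serializer's result otherwise). Any exception is caught and reported as
    the string ``"[Decoding error]<message>"`` instead of being raised.
    """
    try:
        if secret_key is None:
            payload = session_cookie_value
            # Work on text throughout. The original tested a str cookie with
            # startswith(b'.'), which raises TypeError on Python 3 and made
            # key-less decoding always fail there.
            if isinstance(payload, bytes):
                payload = payload.decode("ascii")

            # A leading dot marks a zlib-compressed payload.
            compressed = payload.startswith(".")
            if compressed:
                payload = payload[1:]

            # Only the first field is the payload; the remaining fields are
            # ignored here and nothing is verified.
            data = base64_decode(payload.split(".")[0])
            if compressed:
                data = zlib.decompress(data)

            return data
        else:
            app = MockApp(secret_key)

            si = SecureCookieSessionInterface()
            s = si.get_signing_serializer(app)

            return s.loads(session_cookie_value)
    except Exception as e:
        # Deliberate catch-all: the error text is returned for printing.
        return "[Decoding error]{}".format(e)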
89
90
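if __name__ == "__main__":
    # Dispatch on the sub-command parsed at module level. Both helpers return
    # their error text as a string, so a failure is printed like a result.
    if args.subcommand == 'encode':
        # argparse enforces -s and -t (required=True); no extra None check.
        print(session_cookie_encoder(args.secret_key, args.cookie_structure))
    elif args.subcommand == 'decode':
        # args.secret_key is None when -s was omitted, which selects the
        # decoder's key-less mode (payload unpacked, signature not checked).
        print(session_cookie_decoder(args.cookie_value, args.secret_key))
    else:
        # Without a sub-command the original printed nothing and exited 0;
        # report the usage error instead.
        parser.error('a sub-command is required: encode or decode')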