Skip to content

damien-ramelet/cookie-monster

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
tests
tests
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
cookie_factory.py
cookie_factory.py
 
 
cookie_unsigner.py
cookie_unsigner.py
 
 
main.py
main.py
 
 
pyproject.toml
pyproject.toml
 
 
uv.lock
uv.lock
 
 

Repository files navigation

cookie-monster

Why

A common step in a recon workflow is usually to check for session hijacking.

If a session cookie has been signed using a weak (or leaked) secret key, you can hijack the targetted session.

cookie-monster is willing to automate the recovery of the said secret key.

What

cookie-monster is currently handling the below frameworks cookies session:

  • express-session
  • django

More eventually coming.

How

You need the python package manager uv

Once cloned, you can install the project:

$ uv sync

And use cookie-monster:

  • With a list of secret keys through the command line
$ uv run main.py --kind express-session --cookie s%3A897a6c4e-6156-4d06-9e7f-7309e5ba9aa0.id2ah%2B2fsa5Za2HdERwx7%2BF0C0ZaMhMzHjw2F61ebTQ -w "secret_key" -w "super_secret_key"
secret_key
  • Or by providing a path to a wordlist
$ uv run main.py --kind express-session --cookie s%3A897a6c4e-6156-4d06-9e7f-7309e5ba9aa0.id2ah%2B2fsa5Za2HdERwx7%2BF0C0ZaMhMzHjw2F61ebTQ --wordlist wordlist.txt
secret_key

About

No description, website, or topics provided.

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages