Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

rails_secretkeybase error handling #78

Merged
merged 1 commit into from
Jul 6, 2023
Merged

rails_secretkeybase error handling #78

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion badsecrets/modules/rails_secretkeybase.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ def rails(self, rails_cookie, secret_key_base):
encrypted_data = base64.b64decode(data).decode()
iv = encrypted_data.split("--")[1]
data = encrypted_data.split("--")[0]
except (UnicodeDecodeError, IndexError):
except (UnicodeDecodeError, IndexError, binascii.Error):
return

if len(base64.b64decode(iv)) == 16:
Expand Down
1 change: 0 additions & 1 deletion badsecrets/resources/aspnet_machinekeys.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2779,7 +2779,6 @@ C3DD5E21134BDCAF7D951A2ED8E45F7E7395A8CEBAA6A43A8D8528A85B9AB00D,ADCBCFC864936D0
C3E566B36D7D737C3642E6AEE1FBF7E40F002E08,D993D168BAA3518CB12F32BBBF93D259A2D3E91EA0DE65A8
C3ECDA658438CB56E1B2214D481AD1357E57469F,E23294FEFD59AF24CA7BE43F355F38E94D1FB48B687A6D3C
C3F4C2EA177D400D5079E51F9CF1C9F8BBC4BD1E8ACC3C08EBB55D3FEB9D2076AFB83A4E23856B34CF4A10F98FADB0625147D3B5EC5C425995DECFFD0D10B0B7,A2C88FF5B85D9A4073DF6E63BFEDC8122D26BEFFD1436284
***REMOVED***
C404DBC640257AA6DD1632CC42279467947E0539A484964B67AF2706E0C1E50A7D0075698C692D5E27A5337A223A1D7EE78678B803918D5F8C1F0A623E2FFC07,C3C74BBF830D1FD79576F70BEE59D12D9A99CC7AB564E3BD851C27A2563A72C1
C40E61DCB9CF02AF9B87ECF85E4F098A7A92858E34654EC633A04992E4D9222AA9EE7E5B13A1A67F36336404E93A664BA05E797543C1163BF5088618507E6853,E62236F1C28D325263320588532A716642411E7417752D4D
C41E5BEB7FD938AC1368A9EE0A97BAD2F6DBC4AB563FB9F89ED37C4D0CD5B7918FA822AD2A181A5B4FB7CF3826C56F043A93B4B08816E037485F61070AB2AD6A,968DB8BE829EC55028B809D75D3DF3BAB406B2D8EF7FF712D7F36B9ABCD99016
Expand Down
10 changes: 9 additions & 1 deletion tests/rails_secretkeybase_test.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -70,9 +70,17 @@ def test_rails_malformed():
assert not found_key


def test_rails_unicode_error():
def test_rails_error_unicode():
x = Rails_SecretKeyBase()
found_key = x.check_secret(
"dUEvRldLekFNcklGZ3ZSbU1XaHJ0ZGxsLzhYTHlNTW43T3BVN05kZXE3WUhQOVVKbVA3Rm5WaSs5eG5QQ1VIRVBzeDFNTnNpZ0xCM1FKbzFZTEJISzhaNzFmVGYzME0waDFURVpCYm5TQlJFRmRFclYzNUZhR3VuN29PMmlkVHBrRi8wb3AwZWgvWmxObkFOYnpkeHR1YWpWZ3lnN0Y4ZW9xSk9LNVlQd0U4MmFsbWtLZUI5VzkzRkM4YXBFWXBWeS9NMTBNZ1RadmU5ZlFnMWVZaXpaZz09--7efe7919a5210cfd1ac4c6228e3ff82c0600d841"
)
assert not found_key


def test_rails_error_binascii():
x = Rails_SecretKeyBase()
found_key = x.check_secret(
"dUEvRldLekFNcklGZ3ZSbU1XaHJ0ZGxsLzhYTHlNTW43T3BVN05kZXE3WUhQOVVKbVA3Rm5WaSs5eG5QQ1VIRVBzeDFNTnNpZ0xCM1FKbzFZTEJISzhaNzFmVGYzME0waDFURVpCYm5TQlJFRmRFclYzNUZhR3VuN29PMmlkVHBrRi8wb3AwZWgvWmxObkFOYnpkeHR1YWpWZ3lnN0Y4ZW9xSk9LNVlQd0U4MmFsbWtLZUI5VzkzRkM4YXBFWXBWeS9NMTBNZ1RadmU5ZlFnMWV%20XpaZz09--7efe7919a5210cfd1ac4c6228e3ff82c0600d841"
)
assert not found_key