
Support ZLib compressed Flask Session signed cookies #98

Merged: 2 commits merged on Oct 12, 2023

Conversation

BinaryScary (Contributor)

Update the regex pattern to support zlib-compressed cookies, which are created if the Flask session cookie is large enough.

liquidsec and others added 2 commits on August 3, 2023 at 00:25:
- adding vstate module + severity colors in cli
- update regex pattern to support zlib-compressed cookies, which are created if the Flask session cookie is large enough
@BinaryScary (Contributor, Author)

Example output for detection of both uncompressed and compressed Flask Session signed cookie

$ badsecrets eyJ1c2VybmFtZSI6ImV4YW1wbGVfdXNlciJ9.ZPEjfQ.8pX8fGrm8uKD8jsLhakBNyh8T54

 __ )              |                                |
 __ \    _` |   _` |   __|   _ \   __|   __|   _ \  __|   __|
 |   |  (   |  (   | \__ \   __/  (     |      __/  |   \__ \
____/  \__,_| \__,_| ____/ \___| \___| _|    \___| \__| ____/

v0.4.412

Known Secret Found!

Detecting Module: Flask_SignedCookies

Product Type: Flask Signed Cookie
Product: eyJ1c2VybmFtZSI6ImV4YW1wbGVfdXNlciJ9.ZPEjfQ.8pX8fGrm8uKD8jsLhakBNyh8T54
Secret Type: Flask Password
Location: manual
Secret: secret
Severity: HIGH
Details: True

$ badsecrets .eJwNyTEOgzAMBdC7eO6QGNskXCZKrG8hgVqJdEPcvX3ru6n5vKJ9PwfetFHCiCqwtYopo4NLiPOo4jYMuhizpJLV8oicilQF_qOeF_a104taXJg7bdHPiecHfX8ccg.ZFCriA.99lOhq3pO8yBWM7XjBshaKjqPKU

 __ )              |                                |
 __ \    _` |   _` |   __|   _ \   __|   __|   _ \  __|   __|
 |   |  (   |  (   | \__ \   __/  (     |      __/  |   \__ \
____/  \__,_| \__,_| ____/ \___| \___| _|    \___| \__| ____/

v0.4.412

Known Secret Found!

Detecting Module: Flask_SignedCookies

Product Type: Flask Signed Cookie
Product: .eJwNyTEOgzAMBdC7eO6QGNskXCZKrG8hgVqJdEPcvX3ru6n5vKJ9PwfetFHCiCqwtYopo4NLiPOo4jYMuhizpJLV8oicilQF_qOeF_a104taXJg7bdHPiecHfX8ccg.ZFCriA.99lOhq3pO8yBWM7XjBshaKjqPKU
Secret Type: Flask Password
Location: manual
Secret: secret
Severity: HIGH
Details: True
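The two cookies above differ only in the leading "." of the second one, which is how itsdangerous marks a zlib-compressed payload. The following is an added example, not code from badsecrets or from Flask: a standard-library reimplementation of the Flask session cookie layout ([.]base64url(payload).base64url(timestamp).base64url(HMAC-SHA1)), with the "hmac" key derivation and "cookie-session" salt that Flask's SecureCookieSessionInterface uses, so a defender can see why a detector's pattern must tolerate the "." prefix and how a cookie signed with a known secret is confirmed. It goes beyond the PR's regex change by also building cookies (plain and compressed) and verifying them; the constant PAGE_COOKIE is the first cookie quoted in this thread, the session dict and the 500-character filler value are constructed sample input.

```python
# Added example (not badsecrets or Flask code): Flask-style session cookies
# built and checked with the standard library only. The layout follows
# Flask's SecureCookieSessionInterface on top of itsdangerous'
# URLSafeTimedSerializer:
#   [.]b64url(payload or zlib(payload)).b64url(timestamp).b64url(HMAC-SHA1)
import base64
import hashlib
import hmac
import json
import zlib

SALT = b"cookie-session"  # Flask's fixed salt for the session signer

# Cookie quoted in the PR above; the PR reports it as signed with "secret".
PAGE_COOKIE = "eyJ1c2VybmFtZSI6ImV4YW1wbGVfdXNlciJ9.ZPEjfQ.8pX8fGrm8uKD8jsLhakBNyh8T54"


def _b64e(raw: bytes) -> str:
    """URL-safe base64 with the '=' padding stripped, as itsdangerous emits it."""
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def _b64d(text: str) -> bytes:
    """Inverse of _b64e: restore the padding before decoding."""
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def derive_key(secret: bytes) -> bytes:
    """itsdangerous 'hmac' key derivation: HMAC-SHA1(secret, salt)."""
    return hmac.new(secret, SALT, hashlib.sha1).digest()


def is_compressed(cookie: str) -> bool:
    """A leading '.' marks a zlib-compressed payload (the case this PR adds)."""
    return cookie.startswith(".")


def encode_payload(session: dict) -> str:
    """Compact, key-sorted JSON; compressed only when that actually saves bytes."""
    raw = json.dumps(session, separators=(",", ":"), sort_keys=True).encode()
    packed = zlib.compress(raw)
    if len(packed) < len(raw) - 1:  # same threshold itsdangerous applies
        return "." + _b64e(packed)
    return _b64e(raw)


def decode_payload(payload_b64: str) -> dict:
    """Undo encode_payload, inflating when the '.' marker is present."""
    if payload_b64.startswith("."):
        return json.loads(zlib.decompress(_b64d(payload_b64[1:])))
    return json.loads(_b64d(payload_b64))


def sign_cookie(session: dict, secret: bytes, timestamp: int) -> str:
    """Build a timed, signed session cookie for the given Unix timestamp."""
    ts = _b64e(timestamp.to_bytes((timestamp.bit_length() + 7) // 8, "big"))
    value = f"{encode_payload(session)}.{ts}"
    sig = hmac.new(derive_key(secret), value.encode(), hashlib.sha1).digest()
    return f"{value}.{_b64e(sig)}"


def verify_cookie(cookie: str, secret: bytes):
    """Return the session dict if `secret` reproduces the signature, else None.

    Plain and compressed cookies are handled alike: the '.' marker is part of
    the signed value and stays attached to the payload after rsplit.
    """
    try:
        value, sig_b64 = cookie.rsplit(".", 1)
        payload_b64, _ts = value.rsplit(".", 1)
        expected = hmac.new(derive_key(secret), value.encode(), hashlib.sha1).digest()
        if not hmac.compare_digest(expected, _b64d(sig_b64)):
            return None
        return decode_payload(payload_b64)
    except (ValueError, zlib.error, json.JSONDecodeError):
        return None


if __name__ == "__main__":
    small = sign_cookie({"username": "example_user"}, b"secret", 1693524861)
    large = sign_cookie({"blob": "A" * 500}, b"secret", 1693524861)  # constructed filler
    print("plain      :", small)
    print("compressed :", large[:60] + "...", "is_compressed =", is_compressed(large))
    print("page cookie verifies with 'secret':", verify_cookie(PAGE_COOKIE, b"secret") is not None)
```

The payload and timestamp fields are deterministic, so `sign_cookie({"username": "example_user"}, b"secret", 1693524861)` reproduces the first two fields of PAGE_COOKIE exactly; the 500-character session value crosses the compression threshold and yields a cookie that starts with ".", which is the shape a detector's regex has to accept.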

@liquidsec liquidsec changed the base branch from main to dev October 12, 2023 14:15
@liquidsec (Collaborator)

Hey, thanks for contributing this! I am going to merge it into dev now, and then add the compressed examples to the tests. Once those pass, I'll get it into main.

@liquidsec liquidsec merged commit e205037 into blacklanternsecurity:dev Oct 12, 2023