maride/hacktricks
1
0
Fork 0
mirror of https://github.com/HackTricks-wiki/hacktricks.git synced 2025-10-10 18:36:50 +00:00
Code Issues Packages Projects Releases Wiki Activity
hacktricks/src/network-services-pentesting/pentesting-web/nodejs-express.md

956 B
Raw Blame History

NodeJS Express

{{#include ../../banners/hacktricks-training.md}}

Cookie Signature

该工具 https://github.com/DigitalInterruption/cookie-monster 是一个用于自动化测试和重新签名 Express.js cookie 秘密的实用程序。

Single cookie with a specific name

cookie-monster -c eyJmb28iOiJiYXIifQ== -s LVMVxSNPdU_G8S3mkjlShUD78s4 -n session

自定义字典

cookie-monster -c eyJmb28iOiJiYXIifQ== -s LVMVxSNPdU_G8S3mkjlShUD78s4 -w custom.lst

使用批处理模式测试多个 Cookie

cookie-monster -b -f cookies.json

使用自定义字典在批处理模式下测试多个 Cookie

cookie-monster -b -f cookies.json -w custom.lst

编码并签署新 cookie

如果你知道秘密,你可以签署 cookie。

cookie-monster -e -f new_cookie.json -k secret

{{#include ../../banners/hacktricks-training.md}}