hacktricks/network-services-pentesting/pentesting-web/nodejs-express.md
2023-07-07 23:42:27 +00:00

NodeJS Express

The tool https://github.com/DigitalInterruption/cookie-monster is a utility for automating the testing and re-signing of Express.js cookie secrets.

Single cookie with a specific name

$ cookie-monster -c eyJmb28iOiJiYXIifQ== -s LVMVxSNPdU_G8S3mkjlShUD78s4 -n session

Custom wordlist

You can create a custom wordlist to use during your penetration testing activities. A wordlist is a file that contains a list of words, passwords, or phrases that can be used for various purposes, such as password cracking or brute-forcing.

To create a custom wordlist, follow these steps:

  1. Gather relevant information: Before creating a wordlist, gather as much information as possible about the target. This can include details about the target's industry, employees, interests, or any other information that might be useful in generating potential passwords or phrases.

  2. Generate word combinations: Use the gathered information to generate word combinations that are likely to be used as passwords. This can include combinations of names, dates, common phrases, or any other relevant information.

  3. Include common passwords: Include common passwords that are often used by individuals. These can be obtained from publicly available password lists or by researching common password patterns.

  4. Add variations: Create variations of the words or phrases by adding numbers, special characters, or changing the case (e.g., uppercase, lowercase, or mixed case).

  5. Remove duplicates: Remove any duplicate entries from the wordlist to avoid redundancy.

  6. Organize the wordlist: Organize the wordlist in a structured manner, such as by category or relevance, to make it easier to navigate and use during penetration testing.

Remember to always use custom wordlists responsibly and within the scope of your authorized penetration testing activities.

$ cookie-monster -c eyJmb28iOiJiYXIifQ== -s LVMVxSNPdU_G8S3mkjlShUD78s4 -w custom.lst

Test multiple cookies using batch mode

In batch mode, you can test multiple cookies simultaneously by providing a list of cookies in a file. This can be useful when you want to test the security of multiple cookies at once.

To test multiple cookies using batch mode, follow these steps:

  1. Create a text file and list the cookies you want to test, one per line. For example, you can create a file called cookies.txt and add the following cookies:

     cookie1=value1
     cookie2=value2
     cookie3=value3

  2. Save the file and run the batch mode command, specifying the file containing the cookies:

     $ hacktricks cookies -b cookies.txt

  3. The tool will test each cookie in the file and provide the results. You can analyze the output to identify any security vulnerabilities or misconfigurations associated with the cookies.

By testing multiple cookies in batch mode, you can save time and efficiently assess the security of your web application's cookie-based authentication system.

$ cookie-monster -b -f cookies.json

Test multiple cookies using batch mode with a custom wordlist

In order to test multiple cookies using batch mode with a custom wordlist, you can follow these steps:

  1. Create a custom wordlist containing the possible values for the cookies you want to test. This wordlist should include different combinations of characters, numbers, and symbols that could be used in the cookies.

  2. Use a tool or script that supports batch mode testing, such as Burp Suite or OWASP ZAP. These tools allow you to automate the testing process and provide options for using custom wordlists.

  3. Configure the tool to use the custom wordlist for testing the cookies. This can usually be done through the tool's settings or configuration options.

  4. Start the batch mode testing and let the tool iterate through the wordlist, testing each value against the cookies. The tool will automatically send requests with different cookie values and analyze the responses.

  5. Monitor the tool's output or logs to identify any successful matches or potential vulnerabilities. The tool will usually indicate if a cookie value is valid or if it triggers any unexpected behavior.

By using batch mode testing with a custom wordlist, you can efficiently test multiple cookies and identify any potential security issues or vulnerabilities.

$ cookie-monster -b -f cookies.json -w custom.lst

Encode and sign a new cookie

If you know the secret, you can sign the cookie.

$ cookie-monster -e -f new_cookie.json -k secret
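
The following added example is not from the original page or from the cookie-monster project. It assumes the Keygrip scheme used by cookie-session (HMAC-SHA1 over `name=value`, URL-safe base64 without padding, consistent with the 27-character signature in the commands above) and shows signing, constant-time verification across rotated keys, and a startup audit that flags keys a wordlist would find. The names `sign`, `verify`, `auditKeys`, the denylist and the sample keys are hypothetical.

```javascript
// Added example. Assumption: Keygrip-style signing as used by cookie-session.
const crypto = require('crypto');

// HMAC-SHA1 over "name=value"; base64 made URL-safe with padding stripped.
function sign(name, value, key) {
  return crypto.createHmac('sha1', key)
    .update(`${name}=${value}`)
    .digest('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
}

// Constant-time comparison against every configured key (key rotation).
// Returns the index of the key that produced the signature, or -1.
function verify(name, value, sig, keys) {
  const given = Buffer.from(String(sig));
  for (let i = 0; i < keys.length; i++) {
    const expected = Buffer.from(sign(name, value, keys[i]));
    if (given.length === expected.length &&
        crypto.timingSafeEqual(given, expected)) return i;
  }
  return -1;
}

// Constructed denylist of secrets commonly copied from tutorials and samples.
const WEAK_SECRETS = new Set(['secret', 'keyboard cat', 'changeme', 'password']);

// Startup audit: report keys that are on the denylist or shorter than minLength.
function auditKeys(keys, minLength = 32) {
  return keys
    .map((k, i) => ({ i, weak: WEAK_SECRETS.has(k.toLowerCase()), short: k.length < minLength }))
    .filter((r) => r.weak || r.short);
}

// Constructed sample: the same payload as the page's commands, hypothetical keys.
const value = Buffer.from(JSON.stringify({ foo: 'bar' })).toString('base64');
const strongKey = crypto.randomBytes(32).toString('hex');
const keys = [strongKey, 'keyboard cat']; // second key simulates a leftover default
const sig = sign('session', value, 'keyboard cat');

console.log('value      :', value);
console.log('signature  :', sig);
console.log('signed by  : key index', verify('session', value, sig, keys));
console.log('audit      :', auditKeys(keys));
```

A non-empty `auditKeys` result at application start is a reason to refuse to boot: any key still listed in the key array keeps verifying cookies until it is removed, so a forgotten default remains usable for signing even after a strong key is added in front of it.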