@drzippie
Created March 24, 2015 10:01
package main
import (
"crypto/hmac"
"crypto/md5"
"crypto/sha256"
"encoding/hex"
"fmt"
"strings"
)
// cookieWP holds the pieces of a WordPress auth cookie after its value has
// been split on the URL-encoded "|" separator. All fields are the raw strings
// from the cookie and carry no validation of their own:
//
//   - User:       first cookie element (the login name used to look up the
//     password fragment)
//   - Scheme:     not read from the cookie; main sets it to "logged_in"
//   - Expiration: second cookie element (presumably a Unix timestamp; it is
//     kept as a string and only fed into the HMAC input)
//   - Token:      third cookie element
//   - Hmac:       fourth cookie element, the hex HMAC the cookie claims
type cookieWP struct {
	User, Scheme, Expiration, Token, Hmac string
}
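// main checks the signature of a sample WordPress "logged_in" cookie. It
// recomputes the cookie's HMAC from LOGGED_IN_KEY, LOGGED_IN_SALT and a
// fragment of the user's stored password hash, then prints whether the
// recomputed value matches the one carried in the cookie.
//
// Only the signature is checked here. Expiration is never compared with the
// current time and Token is never looked up against stored sessions, so a
// matching HMAC alone must not be treated as a valid login; a real verifier
// needs both of those checks as well.
func main() {
	// cookieName -> wordpress_logged_in + md5( domain )
	// cookieName := `wordpress_logged_in_d33f7171d85009b773bd2aab4967e7f8`

	// wp-config.php define('LOGGED_IN_KEY', [...]);
	// NOTE(review): this and the salt below are signing secrets. They are
	// hard-coded only because this is a demo (presumably throwaway values);
	// real values belong in configuration or a secret store, never in source
	// control or a public paste.
	loggedKey := "TLA$Zt1tTX5&{V,`sa8^I&p%dA^CJ~,0t?]*dG}V8gW=5lGc1l{0hO3=.vJ+qbi-"
	// wp-config.php define('LOGGED_IN_SALT', [...]);
	loggedSalt := "=B^Bd+prt?@UVG=NClBUbq;}iY{d|5m 7Y4R3sws-+5ddEJHW,3J`{=.]OUGY1Hb"

	// the content of cookie, still URL-encoded ("%7C" is "|")
	cookieValue := `admin%7C1427358559%7Cg3JkuKWnFFTsynJkHRb7zplvCKQJH8rvmqPdOXDnctB%7Cc3510f74afcd0fd0ddb8e5096dd59d00f6843e5df645081723afa091286cef6a`

	// The cookie is untrusted input: reject anything that does not have
	// exactly four elements instead of indexing past the end of the slice.
	elements := strings.Split(cookieValue, `%7C`)
	if len(elements) != 4 {
		fmt.Println("malformed cookie")
		return
	}
	cookie := &cookieWP{
		Scheme:     "logged_in",
		User:       elements[0],
		Expiration: elements[1],
		Token:      elements[2],
		Hmac:       elements[3],
	}

	// passFragment is the substring (8, 4) of db wp_users, field user_pass
	// where user_login = cookie.User, i.e. 4 characters starting at offset 8.
	passFragment := `a938`

	// Step 1: derive a per-cookie key with HMAC-MD5 keyed by key+salt. MD5 is
	// dictated by the cookie format being reproduced, not chosen here.
	fromKey := cookie.User + `|` + passFragment + `|` + cookie.Expiration + `|` + cookie.Token
	hasher := hmac.New(md5.New, []byte(loggedKey+loggedSalt))
	hasher.Write([]byte(fromKey)) // hash.Hash.Write never returns an error
	hashed := hex.EncodeToString(hasher.Sum(nil))

	// Step 2: HMAC-SHA256 over user|expiration|token, keyed with the hex
	// string produced in step 1.
	hashercheck := hmac.New(sha256.New, []byte(hashed))
	hashercheck.Write([]byte(cookie.User + `|` + cookie.Expiration + `|` + cookie.Token))
	hashedcheck := hex.EncodeToString(hashercheck.Sum(nil))

	// Debug output for the demo. A real service must not print or log the
	// expected HMAC: it is the value that makes the submitted fields valid.
	fmt.Println("hashed ", cookie.Hmac, " -> ", hashedcheck)

	// Compare in constant time; == on strings returns at the first differing
	// byte, which leaks how much of a submitted HMAC was correct.
	if hmac.Equal([]byte(cookie.Hmac), []byte(hashedcheck)) {
		fmt.Println("hello ", cookie.User)
	} else {
		fmt.Println("bad cookie for ", cookie.User)
	}
}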