Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # This is my injection point in datastring
- def deserialize(datastring):
- return pickle.loads(base64.decodestring(datastring))
- # Datastring gets passed to deserialize here:
- def load(session_id, connection):
- '''Load the session from storage.'''
- try:
- value = connection.get(session_id)
- if value:
- data = value.split(':', 1)[0]
- kwargs = MemcachedSession.deserialize(data)
- return MemcachedSession(connection, **kwargs)
- except:
- return None
- return None
- # This is the value of "session_id" in my cookie:
- # session_id="2|1:0|10:1570927435|10:session_id|88:NWJlZWZkMTZiNmU1NzFmODc0M2M2OGQ5MzJkYWQyMjY0Y2NkZTgzNGY0NzQ1MWZlYjkwZjk5NTE0Y2YyZWIzNQ==|92cf13a10a7af4db8cec836f2bf8c1408c6b86ca148d02994a59dde5127b8b9c";
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement