因此,正如标题所示,我正在尝试解密laravel应用程序使用的nodeJs的会话ID。但是当我尝试反序列化数据时,我一直收到此错误:
SyntaxError:未知/未处理的数据类型:错误(C:\ V12Projects \ craiglist \ node_modules \ php-unserialize \ php-unserialize.js:54:13)
我的主要代码如下:
let session = cookie.parse(req.headers.cookie).laravel_session;
let sessionKey = getSessionKey(session, process.env.APP_KEY);
我的助手函数“ getSessionKey”如下:
getSessionKey = function(laravelSession, laravelKey, keyLength) {
keyLength = keyLength || 32;
let cypher = 'aes-' + keyLength * 8 + '-cbc'; // + '-cbc'
//Get session object
laravelSession = new Buffer(laravelSession, 'base64');
laravelSession = laravelSession.toString();
laravelSession = JSON.parse(laravelSession);
//Create key buffer
laravelKey = new Buffer(laravelKey, 'base64');
//crypto required iv in binary or buffer
laravelSession.iv = new Buffer(laravelSession.iv, 'base64');
laravelSession.value = new Buffer(laravelSession.value, 'base64')
//create decoder
let decipher = crypto.createDecipheriv(cypher, laravelKey, laravelSession.iv);
decipher.setAutoPadding(false);
//let decoded = decoder.update(laravelSession.value, 'base64');
let decoded = Buffer.concat([decipher.update(laravelSession.value), decipher.final()], 'base64');
//the error happens in the line below
let sessionId = PHPUnserialize.unserialize(decoded.toString('ascii'));
return sessionId;
}