3

Not able to decode Django session values which are being stored in django_session table.

session_data='.eJxVizsOwjAQBe_iGkX-bOw1JRUNFQew1vauEgGJRHCFuDsBpYDmFfNmnipRewypLXxPY1V75Yy1fQ-IRmsDOgZUu18pU7nw9DFvNE7d99jY0p3XPbZ8mitfD5v4Vw-0DGtaKhYkAijRaTQZvBQNHCvXaGxw4kkc5AxggwThKlgE2HuTiYNG9XoD3Gw7Mg:1llsLN:oAVvWg9xxXEmdaxYHzbJ3Ltv0UQ-i-NOt_KaHgUilhA'

I tried all the possibilities with base64 like base64.b64decode and getting binascii.Error: Incorrect padding error.

base64.b64decode(session_data)

I cant use Django inbuilt function like below in the image because I am outside of Django service

enter image description here

I need to get the dict data with decoding. Please help.

lalithkumar
  • 3,480
  • 4
  • 24
  • 40
  • *getting binascii.Error: Incorrect padding error.* - mmmhhh, I thought after our [discussion](https://stackoverflow.com/questions/67690130/base-64-encoded-in-python2-7-and-decoding-in-python3-6?noredirect=1#comment119656569_67690130) you should be much further than that. I told you about padding, I told you the complete string is not base64 encoded, but consists of `:` separated parts which are base64url encoded, I gave you a link for base64url decoding in python .... I don't understand why you ask the question again as if you never heard about all that ... – jps May 26 '21 at 14:17
  • after using `urlsafe_b64decode` we are getting binary value like starting `b'x\x9cU\x8e;\x0e\xc20\x10D`. you said "when we convert the last part of the string" I don't understand that. I splitted the session str with `:` and tried converting that also even that's not working. – lalithkumar May 26 '21 at 15:15
  • yes, it's binary and with the `hexlify`function you can convert it into a hexadecimal string: `print(binascii.hexlify(base64.urlsafe_b64decode("oAVvWg9xxXEmdaxYHzbJ3Ltv0UQ-i-NOt_KaHgUilhA=")).decode())`. The result is "a0056f5a0f71c5712675ac581f36c9dcbb6fd1443e8be34eb7f29a1e05229610". And it seems that the python base64url decode needs padding, that's why I added a "=". Usually padding is not mandatory for b64url. – jps May 26 '21 at 15:55

0 Answers0