all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Laravel Tinker: login as another user and generate an injectable session cookie

Add to bookmarks
May 8, 2024, 11:19 p.m. | Lemuel Flores

DEV Community dev.to




Generating session cookie



  • Enter Laravel Tinker



php artisan tinker



  • Authenticate



# Login using id
auth()->loginUsingId(1);

# Login using a user instance
auth()->login(User::where('email', 'foo@bar.com')->first())



  • Save the session



session()->save()


If you are not using EncryptedCookie for some reason, you can stop at this step and proceed to injecting the session id to your session cookie:



session()->getId()



  • Generate the cookie value that is about to get encrypted



\Illuminate\Cookie\CookieValuePrefix::create(config('session.cookie'), app(\Illuminate\Contracts\Encryption\Encrypter::class)->getKey()).session()->getId()



  • Generate the encrypted cookie value


It is highly likely the 2nd parameter here is …

auth authenticate can com cookie email instance laravel login php session

Visit resource

More from dev.to / DEV Community

Effective Methods to Secure Your Online Store Against Cyber Threats an hour ago | dev.to
age businesses customers cyber +20
Set up an automated incident management response using AWS 7 hours ago | dev.to
automated automation aws configuration +14
HackerRank SQL Preparation: Weather Observation Station 1(MySQL) 7 hours ago | dev.to
city hackerrank link list +13
HackerRank SQL Preparation: Japanese Cities' Names(MySQL) 7 hours ago | dev.to
cities city column hackerrank +14
How to configure Server-Side Encryption (SSE-S3) in Amazon S3? 11 hours ago | dev.to
amazon amazon s3 api aws +17
Identifying Container Image Vulnerabilities with Docker Scout 12 hours ago | dev.to
article cicd container docker +6
Simplifying Software Mechanics: A Clear Guide to Processes, Threads, Handles, Services, and Applications 14 hours ago | dev.to
applications artificial artificial intelligence basics +24
How To Manage Amazon Inspector in AWS Organizations Using Terraform 19 hours ago | dev.to
amazon amazon inspector aws aws organizations +18
Exposing the Deception: Discord Account Generator with Hidden Malware 20 hours ago | dev.to
account cdn community cybersecurity +17

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Senior Security Researcher - Linux MacOS EDR (Cortex)

@ Palo Alto Networks | Tel Aviv-Yafo, Israel
View on infosec-jobs.com

Sr. Manager, NetSec GTM Programs

@ Palo Alto Networks | Santa Clara, CA, United States
View on infosec-jobs.com

SOC Analyst I

@ Fortress Security Risk Management | Cleveland, OH, United States
View on infosec-jobs.com