03-17-2014 01:40 PM | Edited by ne011 05-26-2014 01:20 PM
I want to share my experience regarding an audit of an ASP.NET application. When I observed it thoroughly, I found that the application was vulnerable to the Oracle padding attack.
I did some research and found the following links to be very useful for the exploitation. Initially, as I read, according to the wiki it says:
In cryptography, the padding oracle attack is an attack on the CBC mode of operation, where the “oracle” (usually a server) leaks data about whether the padding of an encrypted message is correct or not. This can allow attackers to decrypt (and sometimes encrypt) messages through the oracle using the oracle’s key, without knowing the encryption key.
It can be detected manually by viewing the source and following webresource.axd?d=[hash], or by using a script:
I searched for how to exploit the vulnerability using the padbuster Perl script.
Only the specific Perl setup works for that padbuster:
(Note: ActivePerl doesn’t work in this case)
The link below provides the details on how to proceed:
Our objective is to get some juicy info inside the web.config file in the application.
The video by xcd3 explains the scenario of the application when the padding was successful.
After that I managed to successfully exploit it and get the web.config information.
The next question that arises is how to mitigate this vulnerability:
A patch was released by Microsoft after Juliano Rizzo and Thai Duong discovered the vulnerability, which is to be found in the links below.
I have piled up whatever is needed. I hope this information will help those who are looking to exploit the Oracle Padding Attack.
Disclaimer: Please do not attempt this in any live environment without permission. This is for educational purposes only.
"Every great story on the planet happened when someone decided
not to give up, but kept going no matter what."
– Spryte Loriano
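A detection-side view of the attack described in the post, as an added example that is not part of the original post: a padding oracle attack needs many requests with altered `d=` values that the server rejects, so a client with many distinct failing `d=` values on the `.axd` resource handlers stands out in IIS logs. The log field order, the `ScriptResource.axd` handler, the threshold and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Resource handlers whose d= parameter carries encrypted data (assumed list).
HANDLERS = ("/webresource.axd", "/scriptresource.axd")
D_PARAM = re.compile(r"(?:^|&)d=([^&]*)", re.IGNORECASE)


def sample_log():
    """Constructed IIS-style lines, assumed field order:
    date time c-ip cs-method cs-uri-stem cs-uri-query sc-status"""
    lines = ["#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status"]
    # One client sends 40 distinct d= values and every one of them fails.
    for i in range(40):
        status = 500 if i % 2 else 404
        lines.append(f"2014-03-17 13:40:{i:02d} 203.0.113.7 GET "
                     f"/WebResource.axd d=AAAA{i:04d}&t=1 {status}")
    # A normal browser repeats a couple of valid values and gets 200.
    for i in range(5):
        lines.append(f"2014-03-17 13:41:{i:02d} 198.51.100.9 GET "
                     f"/WebResource.axd d=validtoken{i % 2}&t=1 200")
    # A single stale link: one failure alone must not be flagged.
    lines.append("2014-03-17 13:42:00 198.51.100.9 GET "
                 "/ScriptResource.axd d=stale&t=1 404")
    return lines


def suspicious_clients(lines, min_failed_values=20):
    """Return {client_ip: number of distinct failing d= values} for every
    client that reaches the threshold."""
    failed = defaultdict(set)
    for line in lines:
        if line.startswith("#"):
            continue  # W3C header/directive line
        parts = line.split()
        if len(parts) != 7:
            continue  # not in the assumed layout
        _, _, ip, _, stem, query, status = parts
        if not stem.lower().endswith(HANDLERS):
            continue
        match = D_PARAM.search(query)
        if match and status.isdigit() and int(status) >= 400:
            failed[ip].add(match.group(1))
    return {ip: len(v) for ip, v in failed.items() if len(v) >= min_failed_values}


if __name__ == "__main__":
    print(suspicious_clients(sample_log()))
```

Counting distinct values rather than raw errors keeps a client that retries one broken link from being flagged.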