Hack Padding Oracle

This VM, provided by Pentester Lab, has a website vulnerable to a padding oracle attack.
Our goal is to exploit this vulnerability and log in as user and admin.

Step 1: First, a look at the website.

The website says that we should create an account first. This is because the key only appears when you are logged in.

Step 2: Using Burp Suite, we can intercept the server's response and see what it looks like.

Step 3: Now we have the auth key: EgJh18CJZHgA8yMdlWl3TMqog0LpR0nE

Step 4: Kali has a tool called PadBuster. Its arguments are:
URL = The target URL (and query string if applicable)
EncryptedSample = The encrypted value you want to test. Must also be present in the URL, PostData or a Cookie
BlockSize = The block size being used by the algorithm

Step 5: The decrypted value of the auth key is user=hacker. We can simply re-encrypt using the string user=demo.

padbuster <target URL> EgJh18CJZHgA8yMdlWl3TMqog0LpR0nE 8 --cookies auth=EgJh18CJZHgA8yMdlWl3TMqog0LpR0nE --encoding 0 -plaintext user=demo


Step 6: Using Burp Suite, intercept the request and change the auth cookie value to the new encrypted value.


Step 7: Click Forward and you are logged in to the user account.
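
Steps 5 to 7 succeed because the server accepts any auth cookie that decrypts cleanly and has no way to tell who produced it. The following added example (not code from the original post or from Pentester Lab) shows one fix: since user=<name> needs integrity rather than secrecy, the cookie carries an HMAC-SHA256 tag that is checked in constant time, and every failure returns the same result. KEY, issue_cookie, verify_cookie, tamper_survivors and the payload-plus-tag layout are assumptions of this example.

```python
import base64
import hashlib
import hmac
import secrets

KEY = secrets.token_bytes(32)  # assumed server-side secret, never sent to the client
TAG_LEN = 32                   # HMAC-SHA256 output size in bytes

def issue_cookie(username, key=KEY):
    """Return base64(payload || HMAC(key, payload)) for the auth cookie."""
    payload = f"user={username}".encode()
    tag = hmac.new(key, payload, hashlib.sha256).digest()
    return base64.b64encode(payload + tag).decode()

def verify_cookie(cookie, key=KEY):
    """Return the username, or None for any invalid cookie (one uniform failure)."""
    try:
        raw = base64.b64decode(cookie, validate=True)
    except (ValueError, TypeError):
        return None
    if len(raw) <= TAG_LEN:
        return None
    payload, tag = raw[:-TAG_LEN], raw[-TAG_LEN:]
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        return None
    if not payload.startswith(b"user="):
        return None
    try:
        return payload[len(b"user="):].decode()
    except UnicodeDecodeError:
        return None

def tamper_survivors(cookie, key=KEY):
    """Flip each bit of the cookie in turn and count the variants that still verify."""
    raw = bytearray(base64.b64decode(cookie))
    accepted = 0
    for i in range(len(raw)):
        for bit in range(8):
            raw[i] ^= 1 << bit  # flip one bit
            candidate = base64.b64encode(bytes(raw)).decode()
            if verify_cookie(candidate, key) is not None:
                accepted += 1
            raw[i] ^= 1 << bit  # restore it
    return accepted

if __name__ == "__main__":
    c = issue_cookie("hacker")  # constructed sample account name from Step 5
    print(verify_cookie(c), tamper_survivors(c))
```

Because the tag is verified before the payload is interpreted, a modified or client-built cookie is rejected the same way whatever bytes were changed, so the server gives no per-byte feedback.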


Thank you, Pentester Lab.

