
auxiliary enum check_padding_patch

cktricky edited this page Apr 28, 2011 · 2 revisions

Author(s):

willis

Description:

This module is a port of the handful of padding oracle vulnerability scripts that check whether the MS10-070 patch has been applied, using ScriptResource or WebResource as an indicator.

This is not original work. Credit goes to Rizzo and Duong for the original research on the topic, to Brian Holyfield for PadBuster, and to Bernardo Damele for the Python port.

References:

https://www.gdssecurity.com/l/t/d.php?k=PadBuster

http://twitter.com/julianor/status/26419702099

http://bernardodamele.blogspot.com/2011/04/ms10-070-padding-oracle-applied-to-net.html

Module Options:

D      ***               true       The required d parameter from either WebResource or ScriptResource

Options Explained (Module Specific):

When setting the D option, use the value that follows /ScriptResource.axd?d= in the resource URL, as in the example below:

/ScriptResource.axd?d=2nYOzoKtRvjs-g53K3r7VKmEXeQl_XMNY8nDEwcgwGVcS5Z8b9GanbNdzIgg493kfB_oInMb2DtFFEy5e-ajqdwMbg1F96l10

Real world example:

The target website has a ScriptResource.axd resource available and we'd like to test whether or not it is vulnerable to the padding oracle attack. We've identified the following:

http://www.example.com/ScriptResource.axd?d=2nYOzoKtRvjs-g53K3r7VKmEXeQl_XMNY8nDEwcgwGVcS5Z8b9GanbNdzIgg493kfB_oInMb2DtFFEy5e-ajqdwMbg1F96l10

So we'd do the following:

set D 2nYOzoKtRvjs-g53K3r7VKmEXeQl_XMNY8nDEwcgwGVcS5Z8b9GanbNdzIgg493kfB_oInMb2DtFFEy5e-ajqdwMbg1F96l10
run
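
The check itself is not shown on this page. As an added example (not the module's code or that of the referenced authors), the Ruby sketch below shows an offline form of the check, assuming the length heuristic of the referenced Python port: the D value is decoded as an ASP.NET URL token, and a decoded length that is a whole multiple of the 8-byte block size is read as the unpatched indicator. All function names, the `BLOCK_SIZE` constant and the sample tokens are constructed for illustration.

```ruby
require 'uri'

BLOCK_SIZE = 8 # assumption: block length used by the length heuristic

# Pull the d parameter out of a ScriptResource.axd / WebResource.axd URL.
def extract_d(url)
  query = URI.parse(url).query
  pair = query && URI.decode_www_form(query).assoc('d')
  raise ArgumentError, 'URL has no d parameter' unless pair
  pair[1]
end

# Decode an ASP.NET URL token: URL-safe base64 whose final character is the
# count (0-2) of '=' padding characters that were stripped.
def url_token_decode(token)
  raise ArgumentError, 'malformed token' unless token =~ /\A[A-Za-z0-9_-]+[0-2]\z/
  body = token[0..-2].tr('-_', '+/')
  (body + '=' * token[-1].to_i).unpack1('m0') # 'm0' = strict base64
end

# Inverse of url_token_decode; used here only to build constructed samples.
def url_token_encode(bytes)
  b64 = [bytes].pack('m0')
  b64.delete('=').tr('+/', '-_') + b64.count('=').to_s
end

# Length heuristic (assumed, see lead-in): a whole number of blocks is the
# unpatched indicator; anything else is read as patched.
def patch_indicator(d)
  (url_token_decode(d).bytesize % BLOCK_SIZE).zero? ? :likely_unpatched : :likely_patched
end

# Constructed sample tokens (filler bytes, not real ciphertext).
samples = {
  'aligned (32 bytes)'   => url_token_encode("\xA5".b * 32),
  'unaligned (52 bytes)' => url_token_encode("\x5A".b * 52)
}
samples.each do |label, d|
  url = "http://www.example.com/ScriptResource.axd?d=#{d}"
  puts "#{label}: #{patch_indicator(extract_d(url))}"
end
```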