websecurity@lists.webappsec.org

The Web Security Mailing List

Oracle Padding and Exploitation

chris serafin
Wed, Apr 25, 2012 11:34 PM

I'm doing a web app pen test and the Oracle Padding vulnerability popped up
in Nessus and Acunetix. I tried playing with padbuster.pl and watched every
video on YouTube on this, and can't exploit it. I'm doing the bruteforce
option I found at this
http://blog.securitywhole.com/2010/10/21/net-padding-oracle-attack-padbusterpl-and-the-microsoft-recommended-workarounds.aspx
now
and hit 40K attempts and counting. It seems that the goal of all of these
docs and videos is to grab the web.config file from the server. Just so
happens that I found we.config.bak on the server already and have the file.
In that file I found the DB connection login and password info, as well as
DB table names. I'm assuming that I can't log in to the web app with these
credentials... could I do anything else?

Any insight is appreciated!

--Chris
