Logan Iyanna's Videos (OracleConnections) - OracleConnections2024-05-13T11:24:08Zhttp://www.oracleconnections.com/video/video/listForContributor?screenName=32vwv5yeytpi5&rss=yes&xn_auth=noMS10-070 ASP.NET Padding Oracle attack proof-of-concept exploittag:www.oracleconnections.com,2013-09-04:6612035:Video:332812013-09-04T12:29:49.833ZLogan Iyannahttp://www.oracleconnections.com/profile/LoganIyanna
<a href="http://www.oracleconnections.com/video/ms10-070-asp-net-padding-oracle-attack-proof-of-concept-exploit"><br />
<img alt="Thumbnail" height="135" src="http://storage.ning.com/topology/rest/1.0/file/get/334181594?profile=original&width=240&height=135" width="240"></img><br />
</a> <br></br>This proof-of-concept exploit performs a Padding Oracle attack against a simple ASP.NET application (it can be any application) to download a file from the remote Web Server. In this example the proof-of-concept exploit downloads the Web.config file.<br></br>
<br></br>
This proof of concept exploit can be found at…
<a href="http://www.oracleconnections.com/video/ms10-070-asp-net-padding-oracle-attack-proof-of-concept-exploit"><br />
<img src="http://storage.ning.com/topology/rest/1.0/file/get/334181594?profile=original&width=240&height=135" width="240" height="135" alt="Thumbnail" /><br />
</a><br />This proof-of-concept exploit performs a Padding Oracle attack against a simple ASP.NET application (it can be any application) to download a file from the remote Web Server. In this example the proof-of-concept exploit downloads the Web.config file.<br />
<br />
This proof of concept exploit can be found at <a href="http://www.ampliasecurity.com/research/aspx_po_chotext_attack.rb">http://www.ampliasecurity.com/research/aspx_po_chotext_attack.rb</a>