.
Thai Duong and Juliano Rizzo presented in the latest Ekoparty a tool called POET
(Padding Oracle Exploit Tool ) that allows a user to decrypt and forge cookies, that
could lead to an information disclosure or a full system compromise as you will be
able to see in the following video.
In this video we show how to use POET to attack the latest version of ASP.NET. The
target application is DotNetNuke. The attack consists of two phases:
1. In the first phase, we use POET to extract DotNetNuke's secret keys, and use
those keys to generate a cookie to login as a super user. The same technique can be
used to attack _every_ ASP.NET application.
2. In the second phase, we use Cesar Cerrudo's Token Kidnapping attack to gain
SYSTEM privilege on the Windows server hosting DotNetNuke.
EDIT:
Download the Ekoparty 2K10 slides for Padding Oracles Everywhere
http://netifera.com/research/#ekoparty
.
Wednesday, September 22, 2010
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment