Padding oracle attack against ASP.NET

Padding oracle attack against ASP.NET

An exploit for the Padding Oracle Attack. Tested against ASP.NET, works like a charm. The CBC mode must use PKCS7 for the padding block. This is an implementation of this great article Padding Oracle Attack. I advise you to read it if you want to understand the basic of the attack. This exploit allow block size of 8 or 16 this mean it can be use even if the cipher use AES or DES.

example-usage

example-usage

Usage:

exploit.py Script:

Source :https://github.com/mpgn