Tag Archives: cryptography

Padding oracle attack explained

In cryptography, the padding oracle attack is an attack on the CBC mode of operation, where the server leaks data about whether the padding of an encrypted message is correct or not. oracle refers to a mechanism in cryptography that can be used to determine whether a test has passed or failed. This information would help an attacker to decrypt and encrypt data without key.

How to find your .NET application is vulnerable to padding oracle attack or not?

    1. Using burp proxy capture a request to webresource.axd file
    2. Change one character in the d value and send the request to the server. Observe the response.
    3. Send request to a non existent aspx page on the server. Observe the response.
    4. Response 2 and response 3 are differ, then it is possible to exploit the attack.


My OWASP presentation on 20-Aug-2011:


padbuster tool can be used to automate the padding oracle attack. This tool is a free ware and you can download it from –

* Perl is required to run padbuster. Perl can be downloaded from

Padbuster usage to attack .NET applications

  1. Encrypt web.config file AAAAAAAAAAAAAAAAAAAAAA2 16 -encoding 3 -plaintext "|||~/web.config
  2. Brute force the first block (supply the encrypted value generated in step 1 as d value to the ScriptResource.axd) iJBC6whziIIWQhKYX4KDpwAAAAAAAAAAAAAAAAAAAAA1 16 -encoding 3 -bruteforce –log
  3. Observe the log, it will display a lot of 200 ok messages & URLs. Grab the URL which has highest content-length and paste it in the browser. It displays the web.config content.

* If its an authenticated website add cookies to the padbuster using -cookies option.  

Watch this video to get a better understanding of the attack:


Posted by on August 19, 2011 in web application hacking

1 Comment

Tags: , , , ,