site: blog.skullsecurity.org
Solving b-64-b-tuff: writing base64 and alphanumeric shellcode
https://blog.skullsecurity.org/2017/solving-b-64-b-tuff-writing-base64-and-alphanumeric-shellcode [blog.skullsecurity.org]
2017-06-15 18:54
This is a fun exercise, though it gets a bit involved.
Going the other way with padding oracles: Encrypting arbitrary data!
https://blog.skullsecurity.org/2016/going-the-other-way-with-padding-oracles-encrypting-arbitrary-data [blog.skullsecurity.org]
2016-12-20 03:45
Anyway, in this post, we’ll talk about a situation where you have a padding oracle vulnerability, and you want to encrypt arbitrary data instead of decrypting their data. It might, for example, be a cookie that contains a filename for your profile data. If you change the encrypted data in a cookie to an important file on the filesystem, suddenly you have arbitrary file read!