Under Utilized Tools/Resources #26

Red Teaming, Security Research

Todays tool is called Blacklist3r. Recently I was trying to exploit a .NET deserialization vulnerability in a web application. Here is a link that is similar to what I was trying to exploit (Link HERE). Problem was the Viewstate had MAC enabled (encryption wasn’t enabled) but I couldn’t access the web.config file and didn’t find any information disclosures to grab the machinekey that is needed to properly exploit the vulnerability in this case.

That is where Blacklist3r comes in. Basically it is a trove of machinekeys that have been collected from default configurations and more. You take some of the parameters like the viewstate, and viewstate generator values, along with some other information and it tries it’s over 2000 machinekeys to see if it works. Here is a better explanation of what Blacklist3r is and does (Link HERE)

Sadly, it didn’t work but I know that Blacklist3r will definitely come in handy in the future so I wanted to post about it.

Link to download Blacklist3r HERE

Some more resources on .NET deserializations or deserializations in general:

Link HERE

Link HERE

Read all the entries in this series!

END TRANSMISSION

Published

Leave a Reply