dp_cryptomg icon indicating copy to clipboard operation
dp_cryptomg copied to clipboard

verified publisher icon blacklanternsecurity

Metadata

Another tool for exploiting CVE-2017-9248, a cryptographic weakness in Telerik UI for ASP.NET AJAX dialog handler.

Results 7 dp_cryptomg issues
Sort by recently updated
recently updated
newest added

URL encode GET request probes

In very rare edge cases, perhaps only in specific versions, a "+" or possibly other base64 chars will cause a false negative on an individual byte crack.

liquidsec avatar liquidsec

Add Quick Check Feature

liquidsec avatar liquidsec

Improve URL detection

Need to make non-case sensitive, and account for non-standard locations

liquidsec avatar liquidsec

bug
high-priority

Keys with lengths that aren't multiples of four aren't supported

Odd-length keys that don't line up to a multiple of 4 (so they line up with the b64 blocks) cannot be solved properly.

liquidsec avatar liquidsec

bug
medium-priority

Message colors not wrapping in the blessed interface

Colored error messages are not retaining their color when wrapped in the error pane.

liquidsec avatar liquidsec

bug
low-priority

Key length problem

In many versions, when trying to open https:// tast. tast/telerik.web.ui.dialoghandler.aspx?dp=AAAAcQ== it displays "Length cannot be less than zero. Parameter name: length" i make thes import requests import base64 url =...

alhosane avatar alhosane

The input is not a valid Base-64 string as it contains a non-base 64 character

Hello, when I used this tool for brute forcing, I noticed that after 48 bits, the characters started to repeat, indicating that the key length is 48. Because the version...

Ppsoft1991 avatar Ppsoft1991

Metadata

43
Stars
9
Forks
Watchers

Owner

verified publisher icon blacklanternsecurity

Metadata

Another tool for exploiting CVE-2017-9248, a cryptographic weakness in Telerik UI for ASP.NET AJAX dialog handler.

Back