You can find it here:
http://www.ampliasecurity.com/research/aspx_po_chotext_attack.rb
A proof-of-concept attack against MS10-070, this PoC is an implementation in Ruby of a Padding Oracle attack and allows you to download the 'Web.config' file or any other file from a vulnerable ASP.NET installation.
It was written by Agustin Azubel (aazubel [ at ] ampliasecurity.com).
No comments:
Post a Comment