public static void GetPurposeAndClearData(ReadObject objData, out Purpose objPurpose, out byte[] byteClearData) { switch (enumPurpose) { case EnumPurpose.OWINCOOKIE: Dictionary <string, Purpose> dictPurposeMap = new Dictionary <string, Purpose>(StringComparer.Ordinal) { { "owin.cookie", Purpose.User_MachineKey_Protect.AppendSpecificPurposes( new [] { "Microsoft.Owin.Security.Cookies.CookieAuthenticationMiddleware", "ApplicationCookie", "v1" } ) } }; dictPurposeMap.TryGetValue("owin.cookie", out objPurpose); byteClearData = DataWriter.Compress(StringToHexByteArray(objData.AspNetAppCookie)); break; case EnumPurpose.ASPXAUTH: objPurpose = Purpose.FormsAuthentication_Ticket; byteClearData = FormAuthenticationHelper.ConvertToBytes(objData.objFormAuthCookie); break; case EnumPurpose.WEBRESOURCE: objPurpose = Purpose.AssemblyResourceLoader_WebResourceUrl; byteClearData = Encoding.ASCII.GetBytes(objData.WebResourceData); break; case EnumPurpose.SCRIPTRESOURCE: objPurpose = Purpose.ScriptResourceHandler_ScriptResourceUrl; byteClearData = Encoding.ASCII.GetBytes(objData.ScriptResourceData); break; case EnumPurpose.VIEWSTATE: byteClearData = null; objPurpose = null; break; case EnumPurpose.UNKNOWN: byteClearData = null; objPurpose = null; break; default: byteClearData = null; objPurpose = null; break; } }
public static void WriteOtherDataToFile(EnumPurpose enumPurpose, byte[] byteClearData) { byte[] byteData = null; using (FileStream streamWriter = new FileStream(AspDotNetWrapper.strDecryptedTxtFilePath, FileMode.Append, FileAccess.Write)) { switch (enumPurpose) { case EnumPurpose.OWINCOOKIE: byteClearData = Decompress(byteClearData); byteData = Encoding.ASCII.GetBytes(ContantValue.strAspNetApplicationCookie); streamWriter.Write(byteData, 0, byteData.Length); streamWriter.Write(byteClearData, 0, byteClearData.Length); break; case EnumPurpose.OWINOAUTH: byteClearData = Decompress(byteClearData); byteData = Encoding.ASCII.GetBytes(ContantValue.strAspNetOAuth); streamWriter.Write(byteData, 0, byteData.Length); streamWriter.Write(byteClearData, 0, byteClearData.Length); break; case EnumPurpose.ASPXAUTH: FormsAuthenticationCookie objCookie = FormAuthenticationHelper.ConvertToAuthenticationTicket(byteClearData); byteData = Encoding.ASCII.GetBytes(ContantValue.strCookiePath + objCookie.CookiePath); streamWriter.Write(byteData, 0, byteData.Length); streamWriter.WriteByte((byte)'\n'); byteData = Encoding.ASCII.GetBytes(ContantValue.strExpireUTC + objCookie.ExpiresUtc.ToString()); streamWriter.Write(byteData, 0, byteData.Length); streamWriter.WriteByte((byte)'\n'); byteData = Encoding.ASCII.GetBytes(ContantValue.strIsPersistent + objCookie.IsPersistent.ToString()); streamWriter.Write(byteData, 0, byteData.Length); streamWriter.WriteByte((byte)'\n'); byteData = Encoding.ASCII.GetBytes(ContantValue.strIssuedUTC + objCookie.IssuedUtc.ToString()); streamWriter.Write(byteData, 0, byteData.Length); streamWriter.WriteByte((byte)'\n'); byteData = Encoding.ASCII.GetBytes(ContantValue.strUserData + objCookie.UserData); streamWriter.Write(byteData, 0, byteData.Length); streamWriter.WriteByte((byte)'\n'); byteData = Encoding.ASCII.GetBytes(ContantValue.strUserName + objCookie.UserName); streamWriter.Write(byteData, 0, byteData.Length); break; case EnumPurpose.WEBRESOURCE: byteData = Encoding.ASCII.GetBytes(ContantValue.strWebResourceData); streamWriter.Write(byteData, 0, byteData.Length); streamWriter.Write(byteClearData, 0, byteClearData.Length); break; case EnumPurpose.SCRIPTRESOURCE: byteData = Encoding.ASCII.GetBytes(ContantValue.strScriptResourceData); streamWriter.Write(byteData, 0, byteData.Length); streamWriter.Write(byteClearData, 0, byteClearData.Length); break; case EnumPurpose.VIEWSTATE: break; case EnumPurpose.UNKNOWN: break; default: break; } streamWriter.Close(); } Console.ForegroundColor = ConsoleColor.Green; Console.WriteLine("\nDecrypted Data"); Console.WriteLine("--------------"); Console.ForegroundColor = ConsoleColor.Red; Console.WriteLine(Encoding.ASCII.GetString(byteClearData)); Console.ResetColor(); if (DefinePurpose.enumPurpose == EnumPurpose.VIEWSTATE) { Console.WriteLine("\n\nGenerate serealiza payload using ysoserail.net using founded keys!!"); } else { Console.WriteLine("\n\nData stored at {0} file!!", AspDotNetWrapper.strDecryptedTxtFilePath); } }