public static void GetPurposeAndClearData(ReadObject objData, out Purpose objPurpose, out byte[] byteClearData)
{
switch (enumPurpose)
{
case EnumPurpose.OWINCOOKIE:
Dictionary <string, Purpose> dictPurposeMap = new Dictionary <string, Purpose>(StringComparer.Ordinal)
{
{ "owin.cookie", Purpose.User_MachineKey_Protect.AppendSpecificPurposes(
new [] {
"Microsoft.Owin.Security.Cookies.CookieAuthenticationMiddleware",
"ApplicationCookie",
"v1"
}
) }
};
dictPurposeMap.TryGetValue("owin.cookie", out objPurpose);
byteClearData = DataWriter.Compress(StringToHexByteArray(objData.AspNetAppCookie));
break;
case EnumPurpose.ASPXAUTH:
objPurpose = Purpose.FormsAuthentication_Ticket;
byteClearData = FormAuthenticationHelper.ConvertToBytes(objData.objFormAuthCookie);
break;
case EnumPurpose.WEBRESOURCE:
objPurpose = Purpose.AssemblyResourceLoader_WebResourceUrl;
byteClearData = Encoding.ASCII.GetBytes(objData.WebResourceData);
break;
case EnumPurpose.SCRIPTRESOURCE:
objPurpose = Purpose.ScriptResourceHandler_ScriptResourceUrl;
byteClearData = Encoding.ASCII.GetBytes(objData.ScriptResourceData);
break;
case EnumPurpose.VIEWSTATE:
byteClearData = null;
objPurpose = null;
break;
case EnumPurpose.UNKNOWN:
byteClearData = null;
objPurpose = null;
break;
default:
byteClearData = null;
objPurpose = null;
break;
}
}
public static void WriteOtherDataToFile(EnumPurpose enumPurpose, byte[] byteClearData)
{
byte[] byteData = null;
using (FileStream streamWriter = new FileStream(AspDotNetWrapper.strDecryptedTxtFilePath, FileMode.Append, FileAccess.Write))
{
switch (enumPurpose)
{
case EnumPurpose.OWINCOOKIE:
byteClearData = Decompress(byteClearData);
byteData = Encoding.ASCII.GetBytes(ContantValue.strAspNetApplicationCookie);
streamWriter.Write(byteData, 0, byteData.Length);
streamWriter.Write(byteClearData, 0, byteClearData.Length);
break;
case EnumPurpose.OWINOAUTH:
byteClearData = Decompress(byteClearData);
byteData = Encoding.ASCII.GetBytes(ContantValue.strAspNetOAuth);
streamWriter.Write(byteData, 0, byteData.Length);
streamWriter.Write(byteClearData, 0, byteClearData.Length);
break;
case EnumPurpose.ASPXAUTH:
FormsAuthenticationCookie objCookie = FormAuthenticationHelper.ConvertToAuthenticationTicket(byteClearData);
byteData = Encoding.ASCII.GetBytes(ContantValue.strCookiePath + objCookie.CookiePath);
streamWriter.Write(byteData, 0, byteData.Length);
streamWriter.WriteByte((byte)'\n');
byteData = Encoding.ASCII.GetBytes(ContantValue.strExpireUTC + objCookie.ExpiresUtc.ToString());
streamWriter.Write(byteData, 0, byteData.Length);
streamWriter.WriteByte((byte)'\n');
byteData = Encoding.ASCII.GetBytes(ContantValue.strIsPersistent + objCookie.IsPersistent.ToString());
streamWriter.Write(byteData, 0, byteData.Length);
streamWriter.WriteByte((byte)'\n');
byteData = Encoding.ASCII.GetBytes(ContantValue.strIssuedUTC + objCookie.IssuedUtc.ToString());
streamWriter.Write(byteData, 0, byteData.Length);
streamWriter.WriteByte((byte)'\n');
byteData = Encoding.ASCII.GetBytes(ContantValue.strUserData + objCookie.UserData);
streamWriter.Write(byteData, 0, byteData.Length);
streamWriter.WriteByte((byte)'\n');
byteData = Encoding.ASCII.GetBytes(ContantValue.strUserName + objCookie.UserName);
streamWriter.Write(byteData, 0, byteData.Length);
break;
case EnumPurpose.WEBRESOURCE:
byteData = Encoding.ASCII.GetBytes(ContantValue.strWebResourceData);
streamWriter.Write(byteData, 0, byteData.Length);
streamWriter.Write(byteClearData, 0, byteClearData.Length);
break;
case EnumPurpose.SCRIPTRESOURCE:
byteData = Encoding.ASCII.GetBytes(ContantValue.strScriptResourceData);
streamWriter.Write(byteData, 0, byteData.Length);
streamWriter.Write(byteClearData, 0, byteClearData.Length);
break;
case EnumPurpose.VIEWSTATE:
break;
case EnumPurpose.UNKNOWN:
break;
default:
break;
}
streamWriter.Close();
}
Console.ForegroundColor = ConsoleColor.Green;
Console.WriteLine("\nDecrypted Data");
Console.WriteLine("--------------");
Console.ForegroundColor = ConsoleColor.Red;
Console.WriteLine(Encoding.ASCII.GetString(byteClearData));
Console.ResetColor();
if (DefinePurpose.enumPurpose == EnumPurpose.VIEWSTATE)
{
Console.WriteLine("\n\nGenerate serealiza payload using ysoserail.net using founded keys!!");
}
else
{
Console.WriteLine("\n\nData stored at {0} file!!", AspDotNetWrapper.strDecryptedTxtFilePath);
}
}
