public static byte[] ConvertToBytes(FormsAuthenticationCookie data) { using (var ticketBlobStream = new MemoryStream()) using (var ticketWriter = new SerializingBinaryWriter(ticketBlobStream)) { ticketWriter.Write((byte)1); ticketWriter.Write((byte)1); ticketWriter.Write(data.IssuedUtc.Ticks); ticketWriter.Write((byte)0xfe); ticketWriter.Write(data.ExpiresUtc.Ticks); ticketWriter.Write(data.IsPersistent); ticketWriter.WriteBinaryString(data.UserName ?? ""); ticketWriter.WriteBinaryString(data.UserData ?? ""); ticketWriter.WriteBinaryString(data.CookiePath ?? ""); ticketWriter.Write((byte)0xff); return(ticketBlobStream.ToArray()); } }
public static void WriteOtherDataToFile(EnumPurpose enumPurpose, byte[] byteClearData) { byte[] byteData = null; using (FileStream streamWriter = new FileStream(AspDotNetWrapper.strDecryptedTxtFilePath, FileMode.Append, FileAccess.Write)) { switch (enumPurpose) { case EnumPurpose.OWINCOOKIE: byteClearData = Decompress(byteClearData); byteData = Encoding.ASCII.GetBytes(ContantValue.strAspNetApplicationCookie); streamWriter.Write(byteData, 0, byteData.Length); streamWriter.Write(byteClearData, 0, byteClearData.Length); break; case EnumPurpose.OWINOAUTH: byteClearData = Decompress(byteClearData); byteData = Encoding.ASCII.GetBytes(ContantValue.strAspNetOAuth); streamWriter.Write(byteData, 0, byteData.Length); streamWriter.Write(byteClearData, 0, byteClearData.Length); break; case EnumPurpose.ASPXAUTH: FormsAuthenticationCookie objCookie = FormAuthenticationHelper.ConvertToAuthenticationTicket(byteClearData); byteData = Encoding.ASCII.GetBytes(ContantValue.strCookiePath + objCookie.CookiePath); streamWriter.Write(byteData, 0, byteData.Length); streamWriter.WriteByte((byte)'\n'); byteData = Encoding.ASCII.GetBytes(ContantValue.strExpireUTC + objCookie.ExpiresUtc.ToString()); streamWriter.Write(byteData, 0, byteData.Length); streamWriter.WriteByte((byte)'\n'); byteData = Encoding.ASCII.GetBytes(ContantValue.strIsPersistent + objCookie.IsPersistent.ToString()); streamWriter.Write(byteData, 0, byteData.Length); streamWriter.WriteByte((byte)'\n'); byteData = Encoding.ASCII.GetBytes(ContantValue.strIssuedUTC + objCookie.IssuedUtc.ToString()); streamWriter.Write(byteData, 0, byteData.Length); streamWriter.WriteByte((byte)'\n'); byteData = Encoding.ASCII.GetBytes(ContantValue.strUserData + objCookie.UserData); streamWriter.Write(byteData, 0, byteData.Length); streamWriter.WriteByte((byte)'\n'); byteData = Encoding.ASCII.GetBytes(ContantValue.strUserName + objCookie.UserName); streamWriter.Write(byteData, 0, byteData.Length); break; case EnumPurpose.WEBRESOURCE: byteData = Encoding.ASCII.GetBytes(ContantValue.strWebResourceData); streamWriter.Write(byteData, 0, byteData.Length); streamWriter.Write(byteClearData, 0, byteClearData.Length); break; case EnumPurpose.SCRIPTRESOURCE: byteData = Encoding.ASCII.GetBytes(ContantValue.strScriptResourceData); streamWriter.Write(byteData, 0, byteData.Length); streamWriter.Write(byteClearData, 0, byteClearData.Length); break; case EnumPurpose.VIEWSTATE: break; case EnumPurpose.UNKNOWN: break; default: break; } streamWriter.Close(); } Console.ForegroundColor = ConsoleColor.Green; Console.WriteLine("\nDecrypted Data"); Console.WriteLine("--------------"); Console.ForegroundColor = ConsoleColor.Red; Console.WriteLine(Encoding.ASCII.GetString(byteClearData)); Console.ResetColor(); if (DefinePurpose.enumPurpose == EnumPurpose.VIEWSTATE) { Console.WriteLine("\n\nGenerate serealiza payload using ysoserail.net using founded keys!!"); } else { Console.WriteLine("\n\nData stored at {0} file!!", AspDotNetWrapper.strDecryptedTxtFilePath); } }