
DotNetNuker
This script will decrypt DotNetNuke TripleDES (DES3) encrypted user and administrative passwords. DNN uses DES3 with a 192 bit key for default password storage.
This means that all DNN passwords are completely reversible.
On a compromised system, you will find the DES3 passphrase ciphertext in the “aspnet_membership” table of the MSSQL database.
The decryption key is located in the DotNetNuke web.config file found in the dnn root folder. It should be listed as the value “decryptionkey” under <system.web>. The DES3 implementation used by DotNetNuke uses PKCS7 for padding. This is handled in the “strip_padding” function.
Copy to Clipboard
Latest posts by Jesse Shelley (see all)
- Symmetric Encryption –Bidirectional Python Socket - April 27, 2022
- Python Socket Programming – Simple Bidirectional Communication - April 27, 2022
- Python wpnuker a collection of WordPress Pentesting Tools - April 19, 2022
Leave A Comment