DotNetNuker
This script will decrypt DotNetNuke TripleDES (DES3) encrypted user and administrative passwords. DNN uses DES3 with a 192 bit key for default password storage.
This means that all DNN passwords are completely reversible.
On a compromised system, you will find the DES3 passphrase ciphertext in the “aspnet_membership” table of the MSSQL database.
The decryption key is located in the DotNetNuke web.config file found in the dnn root folder. It should be listed as the value “decryptionkey” under <system.web>. The DES3 implementation used by DotNetNuke uses PKCS7 for padding. This is handled in the “strip_padding” function.
Copy to Clipboard
Technical Communicator at CyberTutorials.org at CyberTutorials.org
I have many years of experience as a criminal investigator, evidence custodian, IT administrator, and as an information security specialist.
I've performed dozens of digital forensic examinations on cases involving criminal matters such as murder, domestic terrorism, sexual assault, child exploitation, CSAM, CSEC, illegal wiretapping, bomb threats, kidnapping, military, corporate, and casework from alphabet agencies such as the FBI and DEA.
I've performed dozens of digital forensic examinations on cases involving criminal matters such as murder, domestic terrorism, sexual assault, child exploitation, CSAM, CSEC, illegal wiretapping, bomb threats, kidnapping, military, corporate, and casework from alphabet agencies such as the FBI and DEA.
Latest posts by Jesse Shelley (see all)
- Symmetric Encryption –Bidirectional Python Socket - April 27, 2022
- Python Socket Programming – Simple Bidirectional Communication - April 27, 2022
- Python wpnuker a collection of WordPress Pentesting Tools - April 19, 2022
Leave A Comment