This is a small handy python script for producing the MD5 value for a string.
MD5 has been utilized in a wide variety of cryptographic applications, and is also commonly used to verify data integrity.
Now some things on website are encoded in MD5.
Suppose on clicking 'inspect element' you stumble upon the following
"GET / users / passwords / " . md5('Users') "
Now I stumbled upon this when I entered a wrong parameter into a field that required a certain type of data giving me a MYSQL error. This left the page with a major amount of the directory exposed.
But you can expose this in numerous ways. But we're getting off topic.
So now you see that I've found a password directory but the string 'Users' is encoded with Md5.
Today's blog will teach you a python script that'll let you decipher this.
Simply import the hashlib and paste in the following line
print hashlib.md5("your text here").hexdigest()
It'll then print out the required md5 value for the string that you've entered.
Simply paste the URL with /users/passwords/your md5 value
Eg. /users/passwords/7e40c181f9221f9c613adf8bb8136ea8
You'll now be able to access the directory that was previously encrypted.
If you liked this post please share and scubscribe
No comments:
Post a Comment