Because we're damned if we do, and we're damned if we don't!
Typo3 Default Encryption Keys [Proof of Concept]
As detailed in the “Typo3 – Encryption Key” vulnerability announcement (Typo3-sa-2009-001) the Proof of Concept code used for re-creating the default Typo3 encryption keys, as well as offline Dictionary attacks against Typo3 encryption keys can be found below. A new Python script is also available for download that performs both attacks against known Encryption Keys, as well as Dictionary based attacks. The Python script can also be used to create a valid malicious URL using the recovered Encryption Key.
The video is bet viewed in HD quality, you can click through on the video above, or use the shortcut below to directly access it on the Vimeo site.
NOTE: These PoC scripts are designed to display the vulnerability and not be used in unathorised hacking of Typo3 systems.
Python – Typo3 – Encryption Key Tool (version 1.22)
This PoC python script can be used to perform offline an dictionary attack attempts against Typo3 servers. The python script takes a URL as input and attempts to discover the Typo3 Encryption Key using the known default keys (1000), as well as dictionary style attack (using a user defined dictionary). If the encryption key is recovered the script will also give the user an option to create a malicous link with a newly created (and valid) MD5 hash. Information is required from a valid Typo3 showpic.php to perform this attack.
NOTE: Version 1.22 corrected a slight typing mistake in the attack string creation portion of the script. bodytag should be bodyTag, small but fatal error when trying to match an MD5😉
Outdated: Shell Script – Typo3 – Encryption Key Dictionary Attack script
This PoC shell script can be used to perform an offline dictionary attack against Typo3 servers. Information is required from a valid Typo3 showpic.php to perform this attack. –> This method is outdated. Please see the Python script above as a replacement to this script.
Outdated: Shell Script – Typo3 – Default Encryption Key Generator
This PoC shell script creates an output of all possible default encryption keys (based on Typo3 4.2.3) –> This method is outdated. Please see the Python script above as a replacement to this script.
This file contains a pre-compiled list of default encryption keys (based on Typo3 4.2.3).