Description: Padding Oracle Exploit Tool 1.0.0 demo. In minutes POET completely decrypts the VIewState of a JavaServer Faces application. The server is Apache MyFaces configured to use AES/CBC encryption with a random secret key and IV. POET uses Vaudenay's padding oracle attack to decrypt the web application client-side state byte by byte.
Download POET: http://netifera.com/research
Tags: poet , appache , exploit , oracle , tool ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.