This proof-of-concept exploit performs a Padding Oracle attack against a simple ASP.NET application (it can be any application) to download a file from the remote Web Server. In this example the proof-of-concept exploit downloads the Web.config file. This proof of concept exploit can be found at http://bit.ly/LD0szx
This video shows how to bypass anti virus tools utilizing the new tricks in Metasploit 3.2 To find out more about hacking and computer security check out SANS Hacker techniques and Incident Response and SANS Network Penetration Testing at: sans.org/info/30768
