<username>|<password>. Then, you generate to new users, both of them with the same long password and almost the same username. You find out that the blocks of 8B where the info of both users is the same are equals. Then, you imagine that this might be because ECB is being used.
<password><delimiter><username>. For doing that, he can just generate several usernames with similar and long usernames and passwords until he find the format and the length of the delimiter:
<username>|<password>), in order to impersonate the username
admincreate a new user called
aaaaaaaaadminand get the cookie and decode it:
\x23U\xE45K\xCB\x21\xC8created previously with the username that contained only
a. Then, you can remove the first block of 8B and you will et a valid cookie for the username
WHERE username='admin';or for
WHERE username='admin ';(Note the extra spaces)
adminwould be to:
len(<username>) + len(<delimiter) % len(block). With a block size of
8Byou can generate username called:
username, with the delimiter
<username><delimiter>will generate 2 blocks of 8Bs.