🔝 How to decode ASP.NET VIEWSTATE
Sometimes when doing web pentesting against an ASP web application is useful a tool like this:
$ ./decoder.py "/wEPDwUKMTU5MTA2ODYwOWRkoCvvBWgUOH7PD446qvEOF6GTCq0=" ** ASP.NET __VIEWSTATE decoder ** [*] Decoding __VIEWSTATE: /wEPDwUKMTU5MTA2ODYwOWRkoCvvBWgUOH7PD446qvEOF6GTCq0= (('1591068609', None), None)
For that, I developed a small tool to easily decode ASP.NET
__VIEWSTATE variables without having to install the viewstate module into the system with administrative privileges and be able to decode the variables with a small script using a terminal, without writing python code.
You can download the code from here: https://github.com/defensahacker/viewstate-decoder