### [CVE-2016-2107](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2107)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-0169.

### POC

#### Reference
- http://packetstormsecurity.com/files/136912/Slackware-Security-Advisory-openssl-Updates.html
- http://web-in-security.blogspot.ca/2016/05/curious-padding-oracle-in-openssl-cve.html
- http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
- http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
- http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
- http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
- http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
- http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
- http://www.securityfocus.com/bid/91787
- https://blog.cloudflare.com/yet-another-padding-oracle-in-openssl-cbc-ciphersuites/
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
- https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40202
- https://www.exploit-db.com/exploits/39768/

#### Github
- https://github.com/1o24er/Python-
- https://github.com/20142995/sectool
- https://github.com/ARPSyndicate/cvemon
- https://github.com/CVEDB/PoC-List
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/CVEDB/top
- https://github.com/Cherishao/Security-box
- https://github.com/FiloSottile/CVE-2016-2107
- https://github.com/GhostTroops/TOP
- https://github.com/HiJackJTR/github_arsenal
- https://github.com/JERRY123S/all-poc
- https://github.com/Lilleengen/alexa-top-tls-tester
- https://github.com/Live-Hack-CVE/CVE-2016-2107
- https://github.com/RClueX/Hackerone-Reports
- https://github.com/RUB-NDS/WS-TLS-Scanner
- https://github.com/RedHatSatellite/satellite-host-cve
- https://github.com/SSlvtao/CTF
- https://github.com/Vxer-Lee/Hack_Tools
- https://github.com/ZiDuNet/Note
- https://github.com/apuentemedallia/tools-and-techniques-for-vulnerability-validation
- https://github.com/auditt7708/rhsecapi
- https://github.com/birdhan/SecurityTools
- https://github.com/blacksunwen/Python-tools
- https://github.com/chnzzh/OpenSSL-CVE-lib
- https://github.com/cream-sec/pentest-tools
- https://github.com/cyberanand1337x/bug-bounty-2022
- https://github.com/githuberxu/Security-Resources
- https://github.com/hackerso007/Sec-Box-master
- https://github.com/hackstoic/hacker-tools-projects
- https://github.com/hannob/tls-what-can-go-wrong
- https://github.com/hantiger/-
- https://github.com/hktalent/TOP
- https://github.com/imhunterand/hackerone-publicy-disclosed
- https://github.com/jay900323/SecurityTools
- https://github.com/jbmihoub/all-poc
- https://github.com/jerryxk/Sec-Box
- https://github.com/krabelize/openbsd-httpd-tls-perfect-ssllabs-score
- https://github.com/psc4re/SSLtest
- https://github.com/scuechjr/Sec-Box
- https://github.com/sunu11/Sec-Box
- https://github.com/tmiklas/docker-cve-2016-2107
- https://github.com/tomwillfixit/alpine-cvecheck
- https://github.com/weeka10/-hktalent-TOP
- https://github.com/yige666/web-