Clik here to view.
Creating the Reply With Meeting OL2007 Add-In (Part 1)
Note: This is the first part, in a multi-part series to create this add-in. I chose to break this up into multiple parts so some parts (like this one) could be used by anyone creating an add-in. This...
View ArticleASP.Net Insecure Redirect
It was recently discovered that there was a vulnerability within the ASP.Net Forms Authentication process that could allow an attacker to force a user to visit a malicious web site upon success...
View ArticleClik here to view.
ViewStateMAC: Seriously, Enable It!
I have been doing a lot of research lately around event validation and view state. I have always been interested in how Event Validation worked under the covers and if it could be tampered with. I...
View ArticleClik here to view.
ASP.Net: Tampering with Event Validation – Part 1
UPDATED 12/13/2012 – This post was updated to include a video demonstration of tampering with data with Event Validation enabled. The video is embedded at the bottom of the post. My last post brought...
View ArticleASP.Net Webforms CSRF Workflow
An important aspect of application security is the ability to verify whether or not vulnerabilities exist in the target application. This task is usually outsourced to a company that specializes in...
View ArticleClik here to view.
ASP.Net: Tampering with Event Validation – Part 2
In part 1 of this series I demonstrated how to modify the values of a list box and access data I was not given access to by manipulating the view state and event validation parameters. Remember, the...
View ArticleClik here to view.
Handling Request Validation Exceptions
I write a lot about the request validation feature built into .Net because I believe it serves a great purpose to help reduce the attack surface of a web application. Although it is possible to bypass...
View ArticleRequest Method Can Matter
One of the nice features of ASP.Net is that many of the server controls populate their values based upon the request method. Lets look at a quick example. If the developer has created a text box on...
View ArticleAnother Request Validation Bypass?
I stumbled across this BugTraq(http://www.securityfocus.com/archive/1/524043) on Security Focus today that indicates another way to bypass ASP.Net’s built in Request Validation feature. It was reported...
View ArticleClik here to view.
ViewState XSS: What’s the Deal?
Many of my posts have discussed some of the protections that ASP.Net provides by default. For example, Event Validation, ViewStateMac, and ViewStateUserKey. So what happens when we are not using...
View Article
