[WEB SECURITY] Numeric SQL injection ASP.NET
oussama.gabi at gmail.com
Mon Apr 25 08:15:57 EDT 2011
I am a beginner in web application Security, so I started to train on
webgoat.i would like to make numeric SQL injection attack but in ASP.net.
So I created a dropdownlist that retrieves the names of cities and a
gridview for display!
The problem is when I change the ID value with tamperdata, nothing happens.
I look a bit and I think that's a problem with ViewState, so it's impossible
to make this attack in ASP.net?
how could circumvent this viewstate or Disenable it for testing. Or any
Thank you !
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the websecurity