[WEB SECURITY] Numeric SQL injection ASP.NET

Erlend Oftedal erlend at oftedal.no
Mon Apr 25 12:55:28 EDT 2011


Hi

Sharing the code could be a good idea. Maybe put it up on github or 
something.


Best regards,
Erlend


On 25.04.2011 17:38, Oussama Gabi wrote:
> Yes, I've disabled the enableValidation; for the ViewState I added 
> EnableViewState=false in the DropDownList without any result.
>
> The server response:
>
> Status=OK - 200
> Server=ASP.NET Development Server/10.0.0.0
> Date=Mon, 25 Apr 2011 16:22:39 GMT
> X-AspNet-Version=2.0.50727
> Cache-Control=private
> Content-Type=text/html; charset=utf-8
> Content-Length=1331
> Connection=Close
>
>
> Thank you very much
>
>
> 2011/4/25 Ryan Dewhurst <ryandewhurst at gmail.com 
> <mailto:ryandewhurst at gmail.com>>
>
>     Is the ViewState and EventValidation being URL encoded when being
>     sent back to the server?
>
>     What is the HTTP response you are getting?
>
>
>
>     Ryan Dewhurst
>
>     blog www.ethicalhack3r.co.uk
>     projects www.dvwa.co.uk | www.webwordcount.com
>     twitter www.twitter.com/ethicalhack3r
>
>
>     On Mon, Apr 25, 2011 at 1:15 PM, Oussama Gabi
>     <oussama.gabi at gmail.com <mailto:oussama.gabi at gmail.com>> wrote:
>
>         Hello guys,
>
>         I am a beginner in web application security, so I started to
>         train on WebGoat. I would like to make a numeric SQL injection
>         attack, but in ASP.net.
>         So I created a DropDownList that retrieves the names of cities
>         and a GridView for display!
>         The problem is that when I change the ID value with Tamper Data,
>         nothing happens. I looked a bit and I think that's a problem
>         with ViewState, so is it impossible to make this attack in ASP.net?
>         How could I circumvent this ViewState or disable it for
>         testing? Or any hint!
>
>         Thank you !
>
>
>         Best regards!
>
>
>         _______________________________________________
>         The Web Security Mailing List
>
>         WebSecurity RSS Feed
>         http://www.webappsec.org/rss/websecurity.rss
>
>         Join WASC on LinkedIn
>         http://www.linkedin.com/e/gis/83336/4B20E4374DBA
>
>         WASC on Twitter
>         http://twitter.com/wascupdates
>
>         websecurity at lists.webappsec.org
>         <mailto:websecurity at lists.webappsec.org>
>         http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org
>
>
>
>

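The setup the thread is debugging, as an added example (this is not code from the thread, WebGoat or any of the posters): a minimal ASP.NET Web Forms code-behind that reproduces the numeric SQL injection lesson with a city DropDownList and a GridView, beside the parameterised version that defeats it. The page name, table, columns, control IDs and connection string are assumptions for illustration. The relevant page setting is EnableEventValidation on the @Page directive, not EnableViewState on the control: with event validation on (the default), ASP.NET rejects any posted DropDownList value that was not in the list it rendered, so a tampered value never reaches the handler. Note also that DropDownList.SelectedValue is resolved against the control's Items collection, so a value that is not in the list comes back empty; the tampered string is only visible in Request.Form.

```csharp
// Added example, not code from the original thread.
//
// Markup assumed for this example (hypothetical page Cities.aspx):
//   <%@ Page Language="C#" EnableEventValidation="false" CodeBehind="Cities.aspx.cs" Inherits="Cities" %>
//   <asp:DropDownList ID="ddlCity" runat="server" AutoPostBack="true"
//        OnSelectedIndexChanged="ddlCity_SelectedIndexChanged" />
//   <asp:GridView ID="gvCities" runat="server" />
//
// EnableEventValidation="false" is what lets a tampered value such as
// "1 OR 1=1" reach the handler. With the default (true), ASP.NET throws
// "Invalid postback or callback argument" for any posted value that was
// not in the rendered list. EnableViewState on the control does not
// change that check.

using System;
using System.Data;
using System.Data.SqlClient;
using System.Web.UI;

public partial class Cities : Page
{
    // Assumed connection string for the example database.
    private const string ConnectionString =
        @"Server=.\SQLEXPRESS;Database=Weather;Integrated Security=true";

    // VULNERABLE: the posted value is concatenated straight into the SQL.
    // Tamper the ddlCity field in the POST body to "1 OR 1=1" and the
    // query becomes ... WHERE CityId = 1 OR 1=1, returning every row.
    // Request.Form is used because ddlCity.SelectedValue would be ""
    // for a value that is not in the Items collection.
    protected void ddlCity_SelectedIndexChanged(object sender, EventArgs e)
    {
        string postedId = Request.Form[ddlCity.UniqueID];
        string sql = "SELECT CityId, Name, Temperature FROM Weather WHERE CityId = " + postedId;
        gvCities.DataSource = RunQuery(sql);
        gvCities.DataBind();
    }

    // HARDENED: parse the id as an integer and bind it as a typed
    // parameter, so the posted text can never be interpreted as SQL.
    // Wire this handler up instead of the one above to fix the page.
    protected void ddlCity_SelectedIndexChanged_Safe(object sender, EventArgs e)
    {
        int cityId;
        if (!int.TryParse(Request.Form[ddlCity.UniqueID], out cityId))
        {
            return; // reject anything that is not a plain integer
        }

        using (var conn = new SqlConnection(ConnectionString))
        using (var cmd = new SqlCommand(
            "SELECT CityId, Name, Temperature FROM Weather WHERE CityId = @id", conn))
        {
            cmd.Parameters.Add("@id", SqlDbType.Int).Value = cityId;
            var table = new DataTable();
            new SqlDataAdapter(cmd).Fill(table);
            gvCities.DataSource = table;
            gvCities.DataBind();
        }
    }

    // Runs a raw SQL string and returns the result set (used only by the
    // vulnerable handler; it has no protection of its own).
    private static DataTable RunQuery(string sql)
    {
        using (var conn = new SqlConnection(ConnectionString))
        using (var adapter = new SqlDataAdapter(sql, conn))
        {
            var table = new DataTable();
            adapter.Fill(table);
            return table;
        }
    }
}
```

To reproduce the lesson, intercept the postback, change the ddlCity form field from a list value such as 3 to `3 OR 1=1`, and the GridView bound by the vulnerable handler shows every city; with the hardened handler the same request returns nothing because int.TryParse fails. Leaving EnableEventValidation off is only for the training page; the hardened handler does not rely on it either way.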