[WEB SECURITY] ASP.NET Request Validator Bypass?
Arian J. Evans
arian.evans at anachronic.com
Sat Feb 19 16:52:08 EST 2011
Exactly. ASP.NET requestValidators are a server-side control.
jQuery getScript is designed to be used client-side and fetch a script
to build or interface with the DOM. Therefore the server-side controls
would never see it.
On Sat, Feb 19, 2011 at 10:04 AM, steve jensen <sjensen1207 at hotmail.com> wrote:
> If this jQuery .getScript request is only performed client-side, then it
> wouldn't even be sent to the server-side ASP.NET XSS validation to be
> Date: Sat, 19 Feb 2011 15:39:06 +0000
> From: ryandewhurst at gmail.com
> To: websecurity at webappsec.org
> Subject: [WEB SECURITY] ASP.NET Request Validator Bypass?
> Recently on a client test I was able to bypass the ASP.NET Request Validator
> by leveraging the jQuery library which was included in the page. I am mainly
> a LAMP guy and my knowledge of ASP.NET and how to set it up is minimal.
> I was wondering if anyone could confirm whether my bypass affects all
> ASP.NET installations or whether or not this particular client had it
> configured incorrectly.
> I used the following jQuery function to bypass the filter:
> Ryan Dewhurst
> blog www.ethicalhack3r.co.uk
> projects www.dvwa.co.uk | www.webwordcount.com
> twitter www.twitter.com/ethicalhack3r
> _______________________________________________ The Web Security Mailing
> List WebSecurity RSS Feed http://www.webappsec.org/rss/websecurity.rss Join
> WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA WASC on
> Twitter http://twitter.com/wascupdates websecurity at lists.webappsec.org