Hack asp.net

Before your site becomes the victim of a hack, you can proactively take baby steps to fight against hackers.

1. Beginners and freshers often write code that leads to SQL injection attacks. To learn more about SQL injection, follow the link below.

SQL injection cheat sheet: http://ferruh.mavituna.com/sql-injection-cheatsheet-oku/

To avoid SQL injection attacks, use parameterized queries, the same way we pass variables to a stored procedure.


2. ASP.NET Security Vulnerability 
http://weblogs.asp.net/scottgu/archive/2010/09/18/important-asp-net-security-vulnerability.aspx

    The above vulnerability applies to Java and to those who use the AES algorithm or the MD5 algorithm.

Latest update: ASP.NET Security Update Shipping Tuesday, Sept 28th

http://weblogs.asp.net/scottgu/archive/2010/09/27/asp-net-security-update-shipping-tuesday-sept-28th.aspx


3. Hack IIS

   You must learn to hack the web; this way you will not leave any loopholes on the production server.

4. While assigning the appropriate runtime using aspnet_regiis, don't forget to un-map your domain from IIS.
    If you don't have a runtime assigned to your IIS, all code, including web.config and your server-side scripts, becomes
    accessible to the end user as plain text.
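
For point 1, here is a concatenated query next to its parameterized and stored-procedure forms in ADO.NET. This is an added example, not code from the original post; the table `Users`, its columns, and the procedure name `usp_GetUserByName` are hypothetical. No database connection is opened, so it only prints what each command would send.

```csharp
using System;
using System.Data;
using System.Data.SqlClient;

static class UserQueries
{
    // Vulnerable: the input is pasted into the SQL text, so a quote in it
    // ends the string literal and the rest is parsed as SQL.
    public static SqlCommand BuildConcatenated(string userName)
    {
        return new SqlCommand(
            "SELECT UserId FROM Users WHERE UserName = '" + userName + "'");
    }

    // Hardened: the SQL text is constant; the value travels separately
    // as a typed parameter and is never parsed as SQL.
    public static SqlCommand BuildParameterized(string userName)
    {
        var cmd = new SqlCommand(
            "SELECT UserId FROM Users WHERE UserName = @userName");
        cmd.Parameters.Add("@userName", SqlDbType.NVarChar, 50).Value = userName;
        return cmd;
    }

    // Same idea through a stored procedure (hypothetical name).
    public static SqlCommand BuildStoredProcedure(string userName)
    {
        var cmd = new SqlCommand("usp_GetUserByName");
        cmd.CommandType = CommandType.StoredProcedure;
        cmd.Parameters.Add("@userName", SqlDbType.NVarChar, 50).Value = userName;
        return cmd;
    }

    static void Main()
    {
        string input = "x' OR '1'='1"; // constructed sample input
        using (var bad = BuildConcatenated(input))
        using (var good = BuildParameterized(input))
        using (var proc = BuildStoredProcedure(input))
        {
            Console.WriteLine("Concatenated : " + bad.CommandText);
            Console.WriteLine("Parameterized: " + good.CommandText);
            Console.WriteLine("  @userName  = " + good.Parameters["@userName"].Value);
            Console.WriteLine("Stored proc  : " + proc.CommandText);
            Console.WriteLine("  @userName  = " + proc.Parameters["@userName"].Value);
        }
    }
}
```

A stored procedure only keeps this protection if it does not build dynamic SQL from its parameters internally.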


Author

My name is Satalaj, but people call me Sat. Here is my homepage: . I live in Pune, PN and work as a Software Engineer. I'm a former MVP in ASP.NET, year 2010.
Disclaimer: Views or opinion expressed here are my personal research and it has nothing to do with my employer. You are free to use the code, ideas/hints in your projects. However, you should not copy and paste my original content to other web sites. Feel free to copy or extend the code.
If you want to fight with me, this website is not for you.