Viewstates SUCK

Tue, 05 Feb 2008 12:38

Viewstates suck! They are the bane of my existence as a hacker. I hate them with all that I am. Die VIEWSTATES die!.

In other words, if you don't use viewstates in your ASP applications, you should. They really are a pain in the ass for an attacker to deal with. If MAC is turned on (which it is by default), the viewstate becomes tamper resistant and really limits an attackers ability to inject potentially malicious data.

http://msdn2.microsoft.com/en-us/library/ms972976.aspx

Home | Tags: infosec | Category: /infosec | Link

About:

Tyler Shields
Creator/Philosopher/Slacker

Personal:

Papers and Presentations
Twitter Feed
txs Twitter RSS Feed

Tweet Tweet:

Calendar:

Categories:

/ (144)
  book_reviews/ (7)
  generic/ (36)
  humor/ (22)
  infosec/ (69)
  poker/ (3)
  programming/ (6)
  rants/ (1)

Book List:

05/2010::100% Done
Run for Your Life, by James Patterson and Michael Ledwidge

05/2010::100% Done
Chelsea Chelsea Bang Bang, by Chelsea Handler

04/2010::100% Done
My Horizontal Life A Collection of One-Night Stands, by Chelsea Handler

01/2010::100% Done
The Girl Who Played with Fire, by Steig Larrson

10/2009::100% Done
The Lost Symbol, by Dan Brown

more...

Pimping: