Fixing Unvalidated Redirects and Forwards in ASP.NET

Posted on May 2, 2012

Note: This post is part of our series on “How to Fix Unvalidated Redirects and Forwards”. The series contains examples on how to fix unvalidated redirects and forwards in various programming languages.

The following code shows how to avoid an unvalidated redirect or forward in ASP.NET: the redirect target is a fixed page name chosen by the application, not a value taken from the request.

<%@ Page Language="C#" %>
<script runat="server">

    private void Page_Load(object sender, EventArgs e)
    {
        // Check whether the browser remains
        // connected to the server.
        if (Response.IsClientConnected)
        {
            // If still connected, redirect to another page. The destination is a
            // fixed page name chosen by the application, never a value read from
            // the request, which is what keeps the redirect from being abused.
            Response.Redirect("Page2CS.aspx", false);
        }
        else
        {
            // If the browser is not connected
            // stop all response processing.
            Response.End();
        }
    }

</script>
<html>
<head>
</head>
<body>
    <form runat="server">
    </form>
</body>
</html>
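Where the destination has to come from the request (a returnUrl parameter after login, for instance), the value must be validated before it reaches Response.Redirect. The following page is an added example, not code from the original post: it accepts only application-relative ("~/page") or root-relative ("/page") paths that also appear in a constructed allow-list, and falls back to a fixed page otherwise. The page names Default.aspx, Account/Profile.aspx and Orders.aspx, the returnUrl parameter name and the class name are assumptions made here.

```csharp
using System;
using System.Web;
using System.Web.UI;

// Added example: redirect only to a validated, allow-listed local target.
public partial class LoginDone : Page
{
    // Constructed allow-list of pages this application is willing to redirect to.
    private static readonly string[] AllowedTargets =
    {
        "~/Default.aspx",
        "~/Account/Profile.aspx",
        "~/Orders.aspx"
    };

    protected void Page_Load(object sender, EventArgs e)
    {
        // "returnUrl" is an assumed parameter name; it is attacker-controlled input.
        string requested = Request.QueryString["returnUrl"];

        // Fall back to a fixed destination whenever the parameter is absent or rejected.
        string target = IsAllowedTarget(requested) ? requested : "~/Default.aspx";

        if (Response.IsClientConnected)
        {
            // endResponse:false avoids the ThreadAbortException that Redirect(url) raises;
            // CompleteRequest then skips the rest of the pipeline for this request.
            Response.Redirect(target, false);
            Context.ApplicationInstance.CompleteRequest();
        }
        else
        {
            Response.End();
        }
    }

    // Structural check first, exact allow-list match second; both must pass.
    public static bool IsAllowedTarget(string url)
    {
        if (!IsLocalUrl(url)) return false;
        foreach (string allowed in AllowedTargets)
        {
            if (string.Equals(allowed, url, StringComparison.OrdinalIgnoreCase)) return true;
        }
        return false;
    }

    // Accepts only application-relative ("~/page") or root-relative ("/page") paths.
    public static bool IsLocalUrl(string url)
    {
        if (string.IsNullOrEmpty(url) || url.Length > 2048) return false;

        // Strip the "~" so both forms are checked the same way; the remainder must
        // begin with a single "/". Anything with a scheme ("http:...") fails here.
        string path = url.StartsWith("~", StringComparison.Ordinal) ? url.Substring(1) : url;
        if (path.Length < 1 || path[0] != '/') return false;

        // Protocol-relative ("//host/...") and backslash ("/\host/...") forms look
        // relative but browsers resolve them to another host, so reject them.
        if (path.Length > 1 && (path[1] == '/' || path[1] == '\\')) return false;

        // Control characters, CR and LF included, have no place in a Location header.
        foreach (char c in url)
        {
            if (c < 0x20 || c == 0x7f) return false;
        }
        return true;
    }
}
```

The allow-list is the real gate; IsLocalUrl is kept as a separate, reusable check for applications whose set of valid targets is too large to enumerate, and it is the check that catches the protocol-relative and backslash variants a naive "starts with /" test lets through.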

Fixing Insecure Cryptographic Storage in ASP.NET

Posted on May 2, 2012

Note: This post is part of our series on “How to Fix Insecure Cryptographic Storage”. The series contains examples on how to implement secure cryptography in various programming languages.

The following code shows how to hash sensitive values such as passwords with SHA-512 in ASP.NET. Hashing is one-way: the stored value can be compared against a later input but the original value is never stored and cannot be recovered from the hash.

using System;
using System.Security.Cryptography;
using System.Text;

protected string MySHA512(string password)
{
    using (SHA512 sha512 = new SHA512Managed())
    {
        // UTF-8 is fixed; Encoding.Default varies by machine and would change the hash.
        byte[] sha512Bytes = Encoding.UTF8.GetBytes(password);
        byte[] cryString = sha512.ComputeHash(sha512Bytes);
        StringBuilder sha512Str = new StringBuilder(cryString.Length * 2);
        for (int i = 0; i < cryString.Length; i++)
        {
            // "X2" keeps the leading zero of bytes below 0x10; "X" would drop it
            // and produce a variable-length hex string that no longer round-trips.
            sha512Str.Append(cryString[i].ToString("X2"));
        }
        return sha512Str.ToString();
    }
}

Fixing SQL injection in ASP and MS SQL

Posted on May 26, 2011

Note: This post is part of our series on “How to Fix SQL Injection Vulnerabilities”. The series contains examples on how to fix SQL Injection Vulnerabilities in various programming languages.

An SQL Injection attack is a code injection attack in which input from an attacker reaches one of your databases without any filtering or validation. As a result, a malicious user can run read, write, delete or update queries against your database, and can also run system-level commands. The following example shows how to prevent malicious input in ASP from reaching MS SQL, either by binding it as a query parameter or by escaping it before it is placed in the SQL text.

Parameterized query

// The @Location marker is the only place user input enters the query.
string commandText = "SELECT * FROM Customers WHERE Location=@Location";
SqlCommand cmd = new SqlCommand(commandText, conn);
// The value travels as a typed parameter, never as part of the SQL text.
cmd.Parameters.AddWithValue("@Location", Location);

Validating user input

// Doubling single quotes neutralises the string literal; userID must be a numeric
// type (e.g. int) rather than raw request text, since it is not quoted or escaped.
string Lastname = this.lastnameTb.Text.Replace("'", "''");
string sql = "UPDATE Users SET Lastname='" + Lastname + "' WHERE id=" + userID;

Fixing SQL injection in ASP and Oracle

Posted on May 26, 2011

Note: This post is part of our series on “How to Fix SQL Injection Vulnerabilities”. The series contains examples on how to fix SQL Injection Vulnerabilities in various programming languages.

An SQL Injection attack is a code injection attack in which input from an attacker reaches one of your databases without any filtering or validation. As a result, a malicious user can run read, write, delete or update queries against your database, and can also run system-level commands. The following example shows how to prevent malicious input in ASP from reaching Oracle by binding it as a query parameter rather than placing it in the SQL text.

Parameterized query

' adCmdText, adInteger and adParamInput are ADO constants: include adovbs.inc
' (or reference the ADO type library) so they are defined in this page.
Dim cmd, rs

' Reject anything that is not a number before it reaches Oracle or the page;
' CInt on non-numeric text would otherwise raise a runtime error.
If Not IsNumeric(dept) Then
    Response.Write "Invalid department.<br />"
    Response.End
End If

' HTMLEncode keeps the echoed value from being rendered as markup.
Response.Write "Return employees for department " & Server.HTMLEncode(dept) & ".<br />"
Set cmd = Server.CreateObject("ADODB.Command")
Set cmd.ActiveConnection = conn
' The "?" placeholder is bound below; the SQL text itself never contains user input.
cmd.CommandText = "SELECT * FROM emp WHERE dept = ? ORDER BY empno"
cmd.CommandType = adCmdText

'name, type, direction, size, value
cmd.Parameters.Append cmd.CreateParameter("dept", adInteger, adParamInput, , CInt(dept))

Set rs = cmd.Execute
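Both SQL injection posts above rely on the same technique: the SQL text is fixed and the user's value is bound as a parameter. The following class is an added example, not code from either post, written once against the provider-independent ADO.NET classes in System.Data.Common (.NET Framework, where DbProviderFactories.GetFactory resolves a registered provider by its invariant name) so that the same code runs against SQL Server and Oracle; only the parameter marker differs. The emp/dept/empno and Users/Lastname/id names come from the posts; the connection string placeholder, the department range, the 50-character name limit and the Oracle provider invariant name (Oracle.ManagedDataAccess.Client, the ODP.NET managed driver) are assumptions made here.

```csharp
using System;
using System.Data;
using System.Data.Common;

// Added example: provider-independent parameterized queries for SQL Server and Oracle.
public sealed class ParameterizedQueries
{
    private readonly DbProviderFactory factory;
    private readonly string connectionString;
    private readonly string marker;   // "@" for SqlClient, ":" for Oracle

    // providerInvariantName: "System.Data.SqlClient" for SQL Server or
    // "Oracle.ManagedDataAccess.Client" for Oracle (assumed registered in machine.config/web.config).
    // connectionString is a placeholder here; load it from configuration, never from the request.
    public ParameterizedQueries(string providerInvariantName, string connectionString)
    {
        factory = DbProviderFactories.GetFactory(providerInvariantName);
        this.connectionString = connectionString;
        marker = providerInvariantName.StartsWith("Oracle", StringComparison.OrdinalIgnoreCase) ? ":" : "@";
    }

    // Whole-number and range check before anything reaches the database; the
    // classic ASP post's CInt(dept) converts without validating. Range is assumed.
    public static bool TryParseDepartment(string raw, out int dept)
    {
        return int.TryParse(raw, out dept) && dept > 0 && dept < 10000;
    }

    public DataTable EmployeesForDepartment(string rawDept)
    {
        int dept;
        if (!TryParseDepartment(rawDept, out dept))
            throw new ArgumentException("department must be a positive integer", "rawDept");

        // The SQL has a constant shape; only the bound value changes per request.
        string sql = "SELECT * FROM emp WHERE dept = " + marker + "dept ORDER BY empno";

        using (DbConnection conn = factory.CreateConnection())
        using (DbCommand cmd = conn.CreateCommand())
        {
            conn.ConnectionString = connectionString;
            cmd.CommandText = sql;
            cmd.CommandType = CommandType.Text;
            AddParameter(cmd, "dept", DbType.Int32, dept);

            DataTable result = new DataTable();
            conn.Open();
            using (DbDataReader reader = cmd.ExecuteReader())
            {
                result.Load(reader);
            }
            return result;
        }
    }

    // Replaces the quote-doubling approach: no escaping is needed because the
    // values never become part of the SQL text. Returns the number of rows updated.
    public int UpdateLastname(string rawUserId, string lastname)
    {
        int userId;
        if (!int.TryParse(rawUserId, out userId) || userId <= 0)
            throw new ArgumentException("userId must be a positive integer", "rawUserId");
        if (string.IsNullOrEmpty(lastname) || lastname.Length > 50)   // assumed column width
            throw new ArgumentException("lastname must be 1-50 characters", "lastname");

        string sql = "UPDATE Users SET Lastname = " + marker + "lastname WHERE id = " + marker + "id";

        using (DbConnection conn = factory.CreateConnection())
        using (DbCommand cmd = conn.CreateCommand())
        {
            conn.ConnectionString = connectionString;
            cmd.CommandText = sql;
            cmd.CommandType = CommandType.Text;
            // Appended in the order they appear in the SQL: ODP.NET binds by position
            // unless BindByName is enabled, while SqlClient always binds by name.
            AddParameter(cmd, "lastname", DbType.String, lastname);
            AddParameter(cmd, "id", DbType.Int32, userId);

            conn.Open();
            return cmd.ExecuteNonQuery();
        }
    }

    private void AddParameter(DbCommand cmd, string name, DbType type, object value)
    {
        DbParameter p = cmd.CreateParameter();
        p.ParameterName = marker + name;
        p.DbType = type;
        p.Direction = ParameterDirection.Input;
        p.Value = value;
        cmd.Parameters.Add(p);
    }
}
```

Construct it once per provider, for example with "System.Data.SqlClient" for the MS SQL post's Customers and Users tables, or "Oracle.ManagedDataAccess.Client" for the Oracle post's emp table, and every query built through it keeps user input confined to parameter values.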