Fixing Unvalidated Redirects and Forwards in ASP.NET

Posted by on May 2, 2012 1 Comment

Note: This post is part of our series on “How to Fix Unvalidated Redirects and Forwards”. The series contains examples on how to fix unvalidated redirects and forwards in various programming languages.

An unvalidated redirect or forward occurs when the target of a redirect is taken from the request (a query string, a form field, a cookie) and sent to the browser without being checked, so an attacker can craft a link on your site that lands the victim on a site of the attacker's choosing. The code below avoids the problem in the simplest way: the redirect target is a constant chosen in server code, so no user input reaches Response.Redirect.

<%@ Page Language="C#" %>
<script runat="server">

    private void Page_Load(object sender, EventArgs e)
    {
        // Check whether the browser is still connected to the server.
        if (Response.IsClientConnected)
        {
            // Redirect to a fixed, server-chosen page. The target is a
            // constant in code, not a value read from the request, so there
            // is no user input that could steer the redirect elsewhere.
            // endResponse is false so Response.Redirect does not raise a
            // ThreadAbortException; CompleteRequest stops the rest of the
            // pipeline instead.
            Response.Redirect("Page2CS.aspx", false);
            Context.ApplicationInstance.CompleteRequest();
        }
        else
        {
            // The browser has gone away: stop all response processing.
            Response.End();
        }
    }

</script>
<html>
<head>
</head>
<body>
    <form runat="server">
    </form>
</body>
</html>
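The page above never reads the redirect target from the request, which is fine for a fixed link but does not cover the common "return to where you were" case. The following is an added example, not code from the original post, showing how to accept a user-supplied target safely: a path-relative URL on the same site is allowed, an absolute URL is allowed only if it is https and its host is on an allow-list, and anything else falls back to a fixed page. The query parameter name `returnUrl`, the page class `RedirectSafely`, the fallback `/Default.aspx` and the host `partner.example.com` are assumptions made for this illustration.

```csharp
// Added example (not the original post's code). "returnUrl",
// RedirectSafely, "/Default.aspx" and partner.example.com are
// hypothetical names chosen for this illustration.
using System;
using System.Collections.Generic;
using System.Web;
using System.Web.UI;

public static class RedirectValidator
{
    // External hosts this application is allowed to send users to.
    // Anything not listed here is refused, whatever the user asked for.
    private static readonly HashSet<string> AllowedExternalHosts =
        new HashSet<string>(StringComparer.OrdinalIgnoreCase) { "partner.example.com" };

    // Accepts only a path that stays on this site: it must start with a
    // single "/", must not contain CR or LF (response header injection)
    // and must parse as a relative URI.
    public static bool IsLocalUrl(string url)
    {
        if (string.IsNullOrEmpty(url) || url[0] != '/') return false;
        // "//evil.example" is scheme-relative and "/\evil.example" is
        // normalised to it by browsers; both leave the site.
        if (url.Length > 1 && (url[1] == '/' || url[1] == '\\')) return false;
        if (url.IndexOfAny(new[] { '\r', '\n' }) >= 0) return false;
        Uri parsed;
        return Uri.TryCreate(url, UriKind.Relative, out parsed);
    }

    // Accepts an absolute URL only when it is https and its host is on
    // the allow-list. Uri.Host strips user-info, so
    // "https://partner.example.com@evil.example/" is rejected.
    public static bool IsAllowedExternalUrl(string url)
    {
        Uri parsed;
        if (!Uri.TryCreate(url, UriKind.Absolute, out parsed)) return false;
        if (parsed.Scheme != Uri.UriSchemeHttps) return false;
        return AllowedExternalHosts.Contains(parsed.Host);
    }

    // Returns the requested target when it passes either check, otherwise
    // the fallback, so the redirect target is always something we chose.
    public static string Resolve(string requested, string fallback)
    {
        if (IsLocalUrl(requested) || IsAllowedExternalUrl(requested)) return requested;
        return fallback;
    }
}

public partial class RedirectSafely : Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        string target = RedirectValidator.Resolve(Request.QueryString["returnUrl"], "/Default.aspx");
        // endResponse:false avoids the ThreadAbortException that Response.End
        // raises; CompleteRequest then stops the rest of the pipeline.
        Response.Redirect(target, false);
        Context.ApplicationInstance.CompleteRequest();
    }
}
```

With this in place `?returnUrl=/Account/Orders.aspx` is honoured, `?returnUrl=https://partner.example.com/` is honoured, and `?returnUrl=//evil.example`, `?returnUrl=http://evil.example` and `?returnUrl=javascript:alert(1)` all land on `/Default.aspx`. Server.Transfer-style forwards take the same treatment: the path handed to them must be checked or mapped from an allow-list in exactly the same way.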

Fixing Insecure Cryptographic Storage in ASP.NET

Posted by on May 2, 2012 1 Comment

Note: This post is part of our series on “How to Fix Insecure Cryptographic Storage”. The series contains examples on how to implement secure cryptography in various programming languages.

The code below hashes a password with SHA-512. Note that this is hashing, not encryption: the original value cannot be recovered from the digest, which is exactly what you want when storing passwords, since the application only ever needs to check whether a submitted password matches. On its own, however, a single unsalted SHA-512 is not sufficient for password storage: it is fast, so an attacker who obtains the stored digests can test guesses at a very high rate, and identical passwords produce identical digests, so precomputed tables apply. Password storage needs a per-user random salt and a deliberately slow, iterated key derivation function built on a hash such as this one.

using System.Security.Cryptography;
using System.Text;

// Hashes a password with SHA-512 and returns the digest as upper-case hex.
// This is a one-way hash, not encryption, and it is unsalted.
protected string MySHA512(string password)
{
    using (SHA512 sha512 = SHA512.Create())
    {
        // Use an explicit encoding; Encoding.Default varies by machine.
        byte[] input = Encoding.UTF8.GetBytes(password);
        byte[] digest = sha512.ComputeHash(input);
        StringBuilder hex = new StringBuilder(digest.Length * 2);
        foreach (byte b in digest)
        {
            // "X2" keeps two digits per byte. The original "X" format drops
            // a leading zero nibble and produces digests of varying length.
            hex.Append(b.ToString("X2"));
        }
        return hex.ToString();
    }
}

Fixing SQL Injection in .NET and MS SQL

Posted by on May 27, 2011 0 Comment

Note: This post is part of our series on “How to Fix SQL Injection Vulnerabilities”. The series contains examples on how to fix SQL Injection Vulnerabilities in various programming languages.

An SQL Injection attack is a code injection attack in which input from an attacker reaches one of your databases without any filtering or validation. As a result, a malicious user can execute read, write, update and delete queries against your database, and on MS SQL Server may also be able to run operating-system commands through the database server. The fix is to keep user input out of the query text entirely by binding it as a parameter, so the database receives the statement and the values separately. Listed below are examples of how to prevent SQL Injection in C#, VB.NET and ASP.NET.

Parameterized Query

C#

// The value of city is sent to SQL Server as a typed parameter, separate
// from the statement text, so it can never change the query's structure.
public static DataSet GetStudentsByCity(SqlConnection conn, string city)
{
    string queryText = "SELECT * FROM Students WHERE City = @City";
    using (SqlCommand cmd = new SqlCommand(queryText, conn))
    {
        cmd.Parameters.Add("@City", SqlDbType.NVarChar, 50).Value = city;
        using (SqlDataAdapter da = new SqlDataAdapter(cmd))
        {
            DataSet ds = new DataSet();
            da.Fill(ds);
            return ds;
        }
    }
}

VB.NET

' The value of city is sent to SQL Server as a typed parameter, separate
' from the statement text, so it can never change the query's structure.
Public Function GetStudentsByCity(conn As SqlConnection, city As String) As DataSet
    Dim queryText As String = "SELECT * FROM Students WHERE City = @City"
    Using cmd As SqlCommand = New SqlCommand(queryText, conn)
        cmd.Parameters.Add("@City", SqlDbType.NVarChar, 50).Value = city
        Using da As SqlDataAdapter = New SqlDataAdapter(cmd)
            Dim ds As DataSet = New DataSet()
            da.Fill(ds)
            Return ds
        End Using
    End Using
End Function

ASP.NET

/* Parameterized Query */

// countryName is bound as a parameter; the placeholder @CountryName in the
// text is replaced by the database engine, never by string concatenation.
string commandText = "SELECT * FROM Customers WHERE Country = @CountryName";
SqlCommand cmd = new SqlCommand(commandText, conn);
cmd.Parameters.Add("@CountryName", SqlDbType.NVarChar, 50).Value = countryName;

Stored Procedure

// The stored procedure's parameter is strongly typed, so the value is sent
// as an integer and never forms part of any SQL text.
var connect = ConfigurationManager.ConnectionStrings["NorthWind"].ConnectionString;
var query = "GetProductByID";

// Parse the request value first: Convert.ToInt32 throws on non-numeric
// input and would turn "ProductID=abc" into an unhandled exception.
int productId;
if (!int.TryParse(Request["ProductID"], out productId))
{
    throw new HttpException(400, "ProductID must be an integer");
}

using (var conn = new SqlConnection(connect))
{
  using (var cmd = new SqlCommand(query, conn))
  {
    cmd.CommandType = CommandType.StoredProcedure;
    cmd.Parameters.Add("@ProductID", SqlDbType.Int).Value = productId;
    conn.Open();
    using (var reader = cmd.ExecuteReader())
    {
      // Process results
    }
  }
}

Fixing SQL Injection in .NET and Oracle

Posted by on May 26, 2011 0 Comment

Note: This post is part of our series on “How to Fix SQL Injection Vulnerabilities”. The series contains examples on how to fix SQL Injection Vulnerabilities in various programming languages.

An SQL Injection attack is a code injection attack in which input from an attacker reaches one of your databases without any filtering or validation. As a result, a malicious user can execute read, write, update and delete queries against your database, and depending on the database's configuration may also be able to run operating-system commands through it. The following example shows how to prevent SQL injection in .NET languages when the database is Oracle: the placeholder syntax is :name rather than @name, but the principle is the same, the value is bound as a parameter and never concatenated into the statement.

' Parameterized Query for VB.NET (ODP.NET). objConn is an open
' OracleConnection and dept is an Integer already parsed from the request.
' If dept were the raw request string it would have to be HtmlEncoded
' before being written into the page.
Response.Write("Return employees for department " & dept & ".<br />")

' :dept is a placeholder bound below; the value never touches the SQL text.
Dim strSQL As String = "SELECT * FROM employees WHERE dept = :dept ORDER BY empno"
Dim objCmd As OracleCommand = New OracleCommand(strSQL, objConn)

Dim objParam1 As OracleParameter = New OracleParameter("dept", OracleDbType.Int32)
objParam1.Direction = ParameterDirection.Input
objParam1.Value = dept
objCmd.Parameters.Add(objParam1)

Using reader As OracleDataReader = objCmd.ExecuteReader()
    ' Process results
End Using

/* Parameterized Query for C# (ODP.NET). objConn is an open OracleConnection
   and dept is an int already parsed from the request. If dept were the raw
   request string it would have to be HtmlEncoded before being written into
   the page. */
Response.Write("Return employees for department " + dept + ".<br />");

// :dept is a placeholder bound below; the value never touches the SQL text.
string strSQL = "SELECT * FROM emp WHERE dept = :dept ORDER BY empno";
OracleCommand objCmd = new OracleCommand(strSQL, objConn);

OracleParameter objParam1 = new OracleParameter("dept", OracleDbType.Int32);
objParam1.Direction = ParameterDirection.Input;
objParam1.Value = dept;
objCmd.Parameters.Add(objParam1);

using (OracleDataReader reader = objCmd.ExecuteReader())
{
    // Process results
}
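Both SQL injection posts above (MS SQL and Oracle) show a value bound as a parameter. The following is an added example, not code from either post, that goes a little beyond them to the two cases practitioners most often get wrong after adopting parameters: a LIKE search, where the parameter is safe against injection but the user's `%` and `_` still act as wildcards unless escaped, and a user-chosen sort column, which cannot be parameterised at all and must be mapped onto an allow-list. The vulnerable version is shown first for contrast. It is written against System.Data.SqlClient; with ODP.NET the same code uses OracleCommand and OracleParameter with `:Pattern` and `:Cat` placeholders, as in the Oracle post. The Products table and its columns Name, Price and CategoryId are hypothetical.

```csharp
// Added example (not from either post). Products, Name, Price and
// CategoryId are hypothetical names chosen for this illustration.
using System;
using System.Collections.Generic;
using System.Data;
using System.Data.SqlClient;

public static class ProductQueries
{
    // VULNERABLE: the search term is spliced into the statement text.
    // A term such as   ' OR 1=1 --   rewrites the WHERE clause.
    public static SqlCommand SearchVulnerable(SqlConnection conn, string term)
    {
        string sql = "SELECT Name, Price FROM Products WHERE Name LIKE '%" + term + "%'";
        return new SqlCommand(sql, conn);
    }

    // FIXED: the term travels as a typed parameter and cannot alter the
    // statement. Because LIKE treats % _ and [ as wildcards, they are
    // escaped so a user typing "50%" matches that text, not everything.
    public static SqlCommand SearchSafe(SqlConnection conn, string term)
    {
        var cmd = new SqlCommand(
            "SELECT Name, Price FROM Products WHERE Name LIKE @Pattern ESCAPE '\\'", conn);
        cmd.Parameters.Add("@Pattern", SqlDbType.NVarChar, 4000).Value =
            "%" + EscapeLike(term) + "%";
        return cmd;
    }

    // Escapes LIKE metacharacters with a backslash; the backslash itself
    // is escaped first so it cannot be used to un-escape a later one.
    public static string EscapeLike(string s)
    {
        return s.Replace("\\", "\\\\")
                .Replace("%", "\\%")
                .Replace("_", "\\_")
                .Replace("[", "\\[");
    }

    // Identifiers cannot be parameterised: "ORDER BY @Col" sorts by a
    // constant, not a column. Map the user's choice onto an allow-list of
    // known column names and reject anything else.
    private static readonly Dictionary<string, string> SortColumns =
        new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase)
        {
            { "name", "Name" },
            { "price", "Price" }
        };

    public static SqlCommand ListSorted(SqlConnection conn, int categoryId, string sortBy)
    {
        string column;
        if (!SortColumns.TryGetValue(sortBy ?? "name", out column))
        {
            throw new ArgumentException("Unknown sort column", "sortBy");
        }
        // column is one of our own literals, never the user's string.
        var cmd = new SqlCommand(
            "SELECT Name, Price FROM Products WHERE CategoryId = @Cat ORDER BY " + column, conn);
        cmd.Parameters.Add("@Cat", SqlDbType.Int).Value = categoryId;
        return cmd;
    }

    // Executes a prepared command and returns the Name column of each row.
    public static List<string> Run(SqlCommand cmd)
    {
        var names = new List<string>();
        if (cmd.Connection.State != ConnectionState.Open) cmd.Connection.Open();
        using (SqlDataReader reader = cmd.ExecuteReader())
        {
            while (reader.Read()) names.Add(reader.GetString(0));
        }
        return names;
    }
}
```

`EscapeLike("50%_[x]")` returns `50\%\_\[x]`, which the ESCAPE clause makes the database read literally. With `SearchSafe`, the input `' OR 1=1 --` is simply looked for as text inside product names and matches nothing; with `SearchVulnerable` it returns every row.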