Asp vulnerability question

Discuss the many weaknesses of browser security and ways to mitigate the threat

Re: Asp vulnerability question

Post by tremor77 on Mon Aug 23, 2010 9:08 am

VSpeed wrote:hm.. yes, that's a problem
Is there a way to make the "dim LoggedIn" a global variable to a few asp pages?


Global variables should be avoided if you are talking about something like the PHP Register Globals. You could use a SESSION to pass along the fact that you have already logged in. Here is a complete header.aspx for a simple login that I wrote... I tried to explain it the best I could and I wrote this a few years ago, so it could probably be simplified even more...

<%
' CHECK FOR LOGIN
If Session("LoggedIn") <> "true" Then
   ' IF NOT LOGGED IN, SEE IF FORM WAS SUBMITTED
   If Request.Form("login") = "UserName" AND Request.Form("password") = "Password" Then
      Response.Write "<p>PASSWORD VERIFIED</p>"
      Response.Write "<p><a href='mainpage.asp'>Click Here To Continue</a></p>"
      ' CORRECT USER AND PASS, SO SET A SESSION HERE
      Session("LoggedIn") = "true"    
   Else
      ' USER AND PASS NOT SET, SO DISPLAY LOGIN FORM
      Response.Write "Enter login information:"
%>

<FORM METHOD="post">
<TABLE BORDER=0>
   <TR>
      <TD ALIGN="right">Login:</TD>
      <TD><INPUT TYPE="text" NAME="login"></INPUT></TD>
   </TR>
   <TR>
      <TD ALIGN="right">Password:</TD>
      <TD><INPUT TYPE="password" NAME="password"></INPUT></TD>
   </TR>
   <TR>
      <TD ALIGN="right"></TD>
      <TD><INPUT TYPE="submit" VALUE="Login"></INPUT>
         <INPUT TYPE="reset" VALUE="Reset"></INPUT>
      </TD>
   </TR>
</TABLE>
</FORM>

<%
   ' END LOGIN CHECK
   End If
Else
' LOAD REST OF THE PAGE, CLOSE STATEMENT IN FOOTER.ASP WITH ANOTHER END IF
%>


Now.. just FYI... once you start setting sessions or passing variables along from one page to another.. your script becomes less secure.
tremor77
Contributor
Posts: 865
Joined: Wed Mar 31, 2010 12:00 pm
Location: New York


Re: Asp vulnerability question

Post by VSpeed on Mon Aug 23, 2010 11:09 am

tremor77 wrote:
VSpeed wrote:hm.. yes, that's a problem
Is there a way to make the "dim LoggedIn" a global variable to a few asp pages?


Global variables should be avoided if you are talking about something like the PHP Register Globals. You could use a SESSION to pass along the fact that you have already logged in. Here is a complete header.aspx for a simple login that I wrote... I tried to explain it the best I could and I wrote this a few years ago, so it could probably be simplified even more...

<%
' CHECK FOR LOGIN
If Session("LoggedIn") <> "true" Then
   ' IF NOT LOGGED IN, SEE IF FORM WAS SUBMITTED
   If Request.Form("login") = "UserName" AND Request.Form("password") = "Password" Then
      Response.Write "<p>PASSWORD VERIFIED</p>"
      Response.Write "<p><a href='mainpage.asp'>Click Here To Continue</a></p>"
      ' CORRECT USER AND PASS, SO SET A SESSION HERE
      Session("LoggedIn") = "true"    
   Else
      ' USER AND PASS NOT SET, SO DISPLAY LOGIN FORM
      Response.Write "Enter login information:"
%>

<FORM METHOD="post">
<TABLE BORDER=0>
   <TR>
      <TD ALIGN="right">Login:</TD>
      <TD><INPUT TYPE="text" NAME="login"></INPUT></TD>
   </TR>
   <TR>
      <TD ALIGN="right">Password:</TD>
      <TD><INPUT TYPE="password" NAME="password"></INPUT></TD>
   </TR>
   <TR>
      <TD ALIGN="right"></TD>
      <TD><INPUT TYPE="submit" VALUE="Login"></INPUT>
         <INPUT TYPE="reset" VALUE="Reset"></INPUT>
      </TD>
   </TR>
</TABLE>
</FORM>

<%
   ' END LOGIN CHECK
   End If
Else
' LOAD REST OF THE PAGE, CLOSE STATEMENT IN FOOTER.ASP WITH ANOTHER END IF
%>


Now.. just FYI... once you start setting sessions or passing variables along from one page to another.. your script becomes less secure.


In your example the "Session("LoggedIn")" can be used for many asp pages and still work the same?
VSpeed
New User
Posts: 5
Joined: Sun Aug 08, 2010 9:45 am


Re: Asp vulnerability question

Post by tremor77 on Mon Aug 23, 2010 12:11 pm

Yes.. just include that file at the top of all your .asp pages. Any page where you need to execute the same code whether it be a standard header template or a login check like the one we are talking about.. can be included.. for example your index.asp may look like this.

<!--#include file="header.aspx" -->
<p>Here is some text that will only be viewable if the user is logged in.</p>
<!--#include file="footer.aspx" -->
tremor77
Contributor
Posts: 865
Joined: Wed Mar 31, 2010 12:00 pm
Location: New York


Re: Asp vulnerability question

Post by Cryptovirus on Thu Aug 26, 2010 10:54 am

I thought asp applications are prone to be finicky with parameter pollution?

This is off the top of my head, though, so I could be wrong.

Either way this probably doesn't affect your application.
Cryptovirus
New User
Posts: 21
Joined: Wed Aug 25, 2010 7:37 am
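The three technical points in this thread, tremor77's session-gated header, the follow-up about including it at the top of every protected page, and the repeated-parameter concern in the last post, pulled together into one hardened header as an added example. This is not code from any poster. It assumes the hypothetical file names header.asp and login.asp, IIS serving classic ASP (VBScript) over HTTPS, and a ValidCredentials stub checking one constructed account in place of the database lookup a real application would use.

```vbscript
<%
' header.asp (hypothetical name): session-gated login check, included at the top
' of every protected page with <!--#include file="header.asp" -->.
' Added example, not code from this thread.
Response.Buffer = True

' The session itself lives on the server; what the browser holds is only the
' ASPSESSIONID cookie, so never let that cookie travel over plain HTTP.
If UCase(Request.ServerVariables("HTTPS")) <> "ON" Then
    Response.Status = "403 Forbidden"
    Response.Write "<p>This page requires HTTPS.</p>"
    Response.End
End If

' Logout: abandon the whole server-side session instead of clearing one flag.
If Request.QueryString("logout") = "1" Then
    Session.Abandon
    Response.Redirect "login.asp"   ' hypothetical public landing page
End If

' Stand-in for a database lookup that verifies a salted password hash.
' Classic ASP has no built-in hash function, so this stub checks one constructed
' account with a binary (case-sensitive) comparison. Replace it in a real app.
Function ValidCredentials(ByVal user, ByVal pass)
    ValidCredentials = (StrComp(user, "alice", vbBinaryCompare) = 0) And _
                       (StrComp(pass, "S3cret-Example!", vbBinaryCompare) = 0)
End Function

Dim loginError
loginError = ""

If IsEmpty(Session("UserName")) Then
    If Request.ServerVariables("REQUEST_METHOD") = "POST" Then
        ' Request.Form("x") joins a repeated field into "a, b". A login form
        ' never sends a field twice, so insist on exactly one value of each.
        If Request.Form("login").Count = 1 And Request.Form("password").Count = 1 Then
            If ValidCredentials(CStr(Request.Form("login")), CStr(Request.Form("password"))) Then
                ' Store who logged in, not just a "true" flag.
                Session("UserName") = CStr(Request.Form("login"))
                ' Redirect so a browser refresh does not resubmit the password.
                Response.Redirect Request.ServerVariables("SCRIPT_NAME")
            End If
        End If
        ' One message for wrong user, wrong password or malformed request.
        loginError = "Login failed."
    End If
%>
<p><%= Server.HTMLEncode(loginError) %></p>
<form method="post" action="">
  <label>Login: <input type="text" name="login" autocomplete="username"></label><br>
  <label>Password: <input type="password" name="password" autocomplete="current-password"></label><br>
  <input type="submit" value="Login">
</form>
<%
    ' Nothing below this line in the including page is ever sent to a visitor
    ' who is not logged in, so footer.asp needs no matching End If.
    Response.End
End If
' Logged in: the including page's body follows. Session("UserName") holds the user.
%>
```

Two design choices are worth spelling out. Ending the response inside the header means a page that includes header.asp is protected on its own; the original pattern relies on every page also including a footer that closes the If, and a page that forgets the footer fails with a compile error rather than silently serving its content. And because the Session object is stored on the server, a visitor cannot set Session("UserName") from the client the way PHP's register_globals once allowed; the value that actually reaches the browser is the session cookie, which is why the example refuses to run over plain HTTP and why the logout path abandons the whole session.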

