.Net Havoc - Manipulating Properties of Dormant Server Side Web Controls

No ratings

Presented at 44Con 2013 by

Shay Chen

Most modern web application frameworks use Server-Side Web Controls to enhance the development process; components that other platforms require the developer to implement can be dragged and dropped into the page design view. These components are also protected using a variety of mechanisms, including digital signatures, content restrictions and even invisibility. However, developers that use these components improperly can expose their application to a variety of different attacks that can be executed despite, and sometimes due to the existence of security mechanisms.