lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 16 Aug 2007 09:17:18 -0700
From: "James Matthews" <nytrokiss@...il.com>
To: "d e f c o n" <defconoii@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: I was browsing the web and noticed this,
	anyone have an idea?

Create your own method to except the password

On 8/15/07, d e f c o n <defconoii@...il.com> wrote:
>
> I am getting an error on my website when I input `--1--` as login and
> password, how do I patch this and what does this mean?  Could I get hacked?
> Or is this nothing to worrie about?
> defcon
> Offending URL: https://somewebsite.com
> Source: System.Web
>
> Message: Input string was not in a correct format.
>
> Stack trace: at System.Web.UI.Page.HandleError(Exception e) at
> System.Web.UI.Page.ProcessRequestMain(Boolean
> includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at
> System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint,
> Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest()
> at System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context) at
> System.Web.UI.Page.ProcessRequest(HttpContext context) at
> ASP.loginpage_aspx.ProcessRequest(HttpContext context) at
> System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
> at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean&
> completedSynchronously)
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>



-- 
http://www.goldwatches.com/
http://www.jewelerslounge.com

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ