[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 16 Aug 2007 09:17:18 -0700
From: "James Matthews" <nytrokiss@...il.com>
To: "d e f c o n" <defconoii@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: I was browsing the web and noticed this,
anyone have an idea?
Create your own method to except the password
On 8/15/07, d e f c o n <defconoii@...il.com> wrote:
>
> I am getting an error on my website when I input `--1--` as login and
> password, how do I patch this and what does this mean? Could I get hacked?
> Or is this nothing to worrie about?
> defcon
> Offending URL: https://somewebsite.com
> Source: System.Web
>
> Message: Input string was not in a correct format.
>
> Stack trace: at System.Web.UI.Page.HandleError(Exception e) at
> System.Web.UI.Page.ProcessRequestMain(Boolean
> includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at
> System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint,
> Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest()
> at System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context) at
> System.Web.UI.Page.ProcessRequest(HttpContext context) at
> ASP.loginpage_aspx.ProcessRequest(HttpContext context) at
> System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
> at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean&
> completedSynchronously)
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
--
http://www.goldwatches.com/
http://www.jewelerslounge.com
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists