<?xml version="1.0"?>
<ScanGroup ExportedOn="14/11/2013, 11:36">
 <Scan>
  <Name><![CDATA[Scan Thread 1 ( http://testaspnet.vulnweb.com:80/ )]]></Name>
  <ShortName><![CDATA[Scan Thread 1]]></ShortName>
  <StartURL><![CDATA[http://testaspnet.vulnweb.com:80/]]></StartURL>
  <StartTime><![CDATA[14/11/2013, 11:30:14]]></StartTime>
  <FinishTime><![CDATA[14/11/2013, 11:34:08]]></FinishTime>
  <ScanTime><![CDATA[3 minutes, 55 seconds]]></ScanTime>
  <Aborted><![CDATA[True]]></Aborted>
  <Responsive><![CDATA[True]]></Responsive>
  <Banner><![CDATA[Microsoft-IIS/6.0]]></Banner>
  <Os><![CDATA[Windows]]></Os>
  <WebServer><![CDATA[IIS 6.0]]></WebServer>
  <Technologies><![CDATA[ASP.NET]]></Technologies>
  <Crawler StartUrl="http://testaspnet.vulnweb.com/">
   <LoginSequence>
   </LoginSequence>
   <Cookies>
     <Variable Name="ASP.NET_SessionId" Type="Cookie">
     </Variable>
   </Cookies>
   <SiteFiles>
     <SiteFile id="1">
      <Name></Name>
      <URL>/</URL>
      <FullURL>http://testaspnet.vulnweb.com/</FullURL>
      <Inputs>
       <Variable Name="/" Type="Path Fragment (suffix .aspx)">
       </Variable>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="2">
      <Name>default.aspx</Name>
      <URL>/default.aspx</URL>
      <FullURL>http://testaspnet.vulnweb.com/default.aspx</FullURL>
      <Inputs>
       <Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
       </Variable>
       <Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
       </Variable>
       <Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
       </Variable>
       <Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
       </Variable>
       <Variable Name="delete" Type="URL encoded GET">
       </Variable>
       <Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
       </Variable>
       <Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
       </Variable>
       <Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
       </Variable>
       <Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
       </Variable>
       <Variable Name="__EVENTTARGET" Type="URL encoded GET">
       </Variable>
      </Inputs>
      <Variations>
        <Variation>
         <URL>http://testaspnet.vulnweb.com/default.aspx</URL>
         <PostData><![CDATA[__EVENTARGUMENT=&amp;__EVENTTARGET=&amp;__EVENTVALIDATION=/wEWVwLYpJyYAwKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IM2hPdJHXXMZ9eiMzbVXhkJFAWyDk%3d&amp;__VIEWSTATE=/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZDUAskqLyfS1MBsZINJY6LpGzdzU]]></PostData>
        </Variation>
      </Variations>
     </SiteFile>
     <SiteFile id="3">
      <Name>about.aspx</Name>
      <URL>/about.aspx</URL>
      <FullURL>http://testaspnet.vulnweb.com/about.aspx</FullURL>
      <Inputs>
       <Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
       </Variable>
       <Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
       </Variable>
       <Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
       </Variable>
       <Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
       </Variable>
      </Inputs>
      <Variations>
        <Variation>
         <URL>http://testaspnet.vulnweb.com/about.aspx</URL>
         <PostData><![CDATA[__EVENTARGUMENT=&amp;__EVENTTARGET=&amp;__EVENTVALIDATION=/wEWVwKNioOoAwKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMioFdCiszghoRRSqYTihftirSM2E%3d&amp;__VIEWSTATE=/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZCUArJ3C1Fln0zT65m8W%2b6wYPSdL]]></PostData>
        </Variation>
      </Variations>
     </SiteFile>
     <SiteFile id="4">
      <Name>login.aspx</Name>
      <URL>/login.aspx</URL>
      <FullURL>http://testaspnet.vulnweb.com/login.aspx</FullURL>
      <Inputs>
       <Variable Name="btnLogin" Type="URL encoded POST">
       </Variable>
       <Variable Name="btnLogin" Type="URL encoded POST">
       </Variable>
       <Variable Name="btnLogin" Type="URL encoded POST">
       </Variable>
       <Variable Name="btnLogin" Type="URL encoded POST">
       </Variable>
       <Variable Name="btnLogin" Type="URL encoded POST">
       </Variable>
       <Variable Name="btnLogin" Type="URL encoded POST">
       </Variable>
       <Variable Name="btnLogin" Type="URL encoded POST">
       </Variable>
       <Variable Name="btnLogin" Type="URL encoded POST">
       </Variable>
       <Variable Name="ReturnUrl" Type="URL encoded GET">
       </Variable>
       <Variable Name="ReturnUrl" Type="URL encoded GET">
       </Variable>
       <Variable Name="btnLogin" Type="URL encoded POST">
       </Variable>
       <Variable Name="btnLogin" Type="URL encoded POST">
       </Variable>
       <Variable Name="btnLogin" Type="URL encoded POST">
       </Variable>
       <Variable Name="btnLogin" Type="URL encoded POST">
       </Variable>
       <Variable Name="btnLogin" Type="URL encoded POST">
       </Variable>
       <Variable Name="btnLogin" Type="URL encoded POST">
       </Variable>
       <Variable Name="btnLogin" Type="URL encoded POST">
       </Variable>
       <Variable Name="btnLogin" Type="URL encoded POST">
       </Variable>
      </Inputs>
      <Variations>
        <Variation>
         <URL>http://testaspnet.vulnweb.com/login.aspx</URL>
         <PostData><![CDATA[btnLogin=Login&amp;cbPersistCookie=on&amp;tbPassword=g00dPa%24%24w0rD&amp;tbUsername=ljmrwpfo&amp;__EVENTARGUMENT=&amp;__EVENTTARGET=&amp;__EVENTVALIDATION=/wEWWwLeys6NCALStq24BwK3jsrkBALtuvfLDQKC3IeGDAKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMvX3f25exzUvBo2CmzE01Tn1QOss%3d&amp;__VIEWSTATE=/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W%2bw%2b8Zj9n0mGriLs0UbfzYNdg%3d%3d]]></PostData>
        </Variation>
        <Variation>
         <URL>http://testaspnet.vulnweb.com/login.aspx</URL>
         <PostData><![CDATA[btnLogin=Login&amp;tbPassword=g00dPa%24%24w0rD&amp;tbUsername=fyjmttcx&amp;__EVENTARGUMENT=&amp;__EVENTTARGET=&amp;__EVENTVALIDATION=/wEWWwLeys6NCALStq24BwK3jsrkBALtuvfLDQKC3IeGDAKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMvX3f25exzUvBo2CmzE01Tn1QOss%3d&amp;__VIEWSTATE=/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W%2bw%2b8Zj9n0mGriLs0UbfzYNdg%3d%3d]]></PostData>
        </Variation>
        <Variation>
         <URL>http://testaspnet.vulnweb.com/login.aspx?ReturnUrl=/logout.aspx</URL>
         <PostData><![CDATA[]]></PostData>
        </Variation>
        <Variation>
         <URL>http://testaspnet.vulnweb.com/login.aspx?ReturnUrl=/postnews.aspx</URL>
         <PostData><![CDATA[]]></PostData>
        </Variation>
        <Variation>
         <URL>http://testaspnet.vulnweb.com/login.aspx?ReturnUrl=/logout.aspx</URL>
         <PostData><![CDATA[btnLogin=Login&amp;cbPersistCookie=on&amp;tbPassword=g00dPa%24%24w0rD&amp;tbUsername=riqcjwfs&amp;__EVENTARGUMENT=&amp;__EVENTTARGET=&amp;__EVENTVALIDATION=/wEWWwLeys6NCALStq24BwK3jsrkBALtuvfLDQKC3IeGDAKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMvX3f25exzUvBo2CmzE01Tn1QOss%3d&amp;__VIEWSTATE=/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W%2bw%2b8Zj9n0mGriLs0UbfzYNdg%3d%3d]]></PostData>
        </Variation>
        <Variation>
         <URL>http://testaspnet.vulnweb.com/login.aspx?ReturnUrl=/logout.aspx</URL>
         <PostData><![CDATA[btnLogin=Login&amp;tbPassword=g00dPa%24%24w0rD&amp;tbUsername=hjhhosnx&amp;__EVENTARGUMENT=&amp;__EVENTTARGET=&amp;__EVENTVALIDATION=/wEWWwLeys6NCALStq24BwK3jsrkBALtuvfLDQKC3IeGDAKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMvX3f25exzUvBo2CmzE01Tn1QOss%3d&amp;__VIEWSTATE=/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W%2bw%2b8Zj9n0mGriLs0UbfzYNdg%3d%3d]]></PostData>
        </Variation>
        <Variation>
         <URL>http://testaspnet.vulnweb.com/login.aspx?ReturnUrl=/postnews.aspx</URL>
         <PostData><![CDATA[btnLogin=Login&amp;cbPersistCookie=on&amp;tbPassword=g00dPa%24%24w0rD&amp;tbUsername=usighdix&amp;__EVENTARGUMENT=&amp;__EVENTTARGET=&amp;__EVENTVALIDATION=/wEWWwLeys6NCALStq24BwK3jsrkBALtuvfLDQKC3IeGDAKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMvX3f25exzUvBo2CmzE01Tn1QOss%3d&amp;__VIEWSTATE=/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W%2bw%2b8Zj9n0mGriLs0UbfzYNdg%3d%3d]]></PostData>
        </Variation>
        <Variation>
         <URL>http://testaspnet.vulnweb.com/login.aspx?ReturnUrl=/postnews.aspx</URL>
         <PostData><![CDATA[btnLogin=Login&amp;tbPassword=g00dPa%24%24w0rD&amp;tbUsername=vpustxlw&amp;__EVENTARGUMENT=&amp;__EVENTTARGET=&amp;__EVENTVALIDATION=/wEWWwLeys6NCALStq24BwK3jsrkBALtuvfLDQKC3IeGDAKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMvX3f25exzUvBo2CmzE01Tn1QOss%3d&amp;__VIEWSTATE=/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W%2bw%2b8Zj9n0mGriLs0UbfzYNdg%3d%3d]]></PostData>
        </Variation>
        <Variation>
         <URL>http://testaspnet.vulnweb.com/login.aspx</URL>
         <PostData><![CDATA[btnLogin=Login&amp;cbPersistCookie=e&amp;tbPassword=g00dPa%24%24w0rD&amp;tbUsername=xeitiyuu&amp;__EVENTARGUMENT=&amp;__EVENTTARGET=&amp;__EVENTVALIDATION=/wEWWwLeys6NCALStq24BwK3jsrkBALtuvfLDQKC3IeGDAKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMvX3f25exzUvBo2CmzE01Tn1QOss%3d&amp;__VIEWSTATE=/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W%2bw%2b8Zj9n0mGriLs0UbfzYNdg%3d%3d]]></PostData>
        </Variation>
      </Variations>
     </SiteFile>
     <SiteFile id="5">
      <Name>styles.css</Name>
      <URL>/styles.css</URL>
      <FullURL>http://testaspnet.vulnweb.com/styles.css</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="6">
      <Name>signup.aspx</Name>
      <URL>/signup.aspx</URL>
      <FullURL>http://testaspnet.vulnweb.com/signup.aspx</FullURL>
      <Inputs>
       <Variable Name="btnSignup" Type="URL encoded POST">
       </Variable>
       <Variable Name="btnSignup" Type="URL encoded POST">
       </Variable>
       <Variable Name="btnSignup" Type="URL encoded POST">
       </Variable>
       <Variable Name="btnSignup" Type="URL encoded POST">
       </Variable>
       <Variable Name="btnSignup" Type="URL encoded POST">
       </Variable>
       <Variable Name="btnSignup" Type="URL encoded POST">
       </Variable>
       <Variable Name="btnSignup" Type="URL encoded POST">
       </Variable>
      </Inputs>
      <Variations>
        <Variation>
         <URL>http://testaspnet.vulnweb.com/signup.aspx</URL>
         <PostData><![CDATA[btnSignup=Sign%20me%20up&amp;tbPassword=g00dPa%24%24w0rD&amp;tbUsername=paucanor&amp;__EVENTARGUMENT=&amp;__EVENTTARGET=&amp;__EVENTVALIDATION=/wEWWgKJ%2b8rsBQLStq24BwK3jsrkBALF97vxAQKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMe7zvcGDW1XEmT%2bKc/cai9hiHVyk%3d&amp;__VIEWSTATE=/wEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZHEZ3VN6SP/C2xESDN/Y3p8zhfSB]]></PostData>
        </Variation>
      </Variations>
     </SiteFile>
     <SiteFile id="7">
      <Name>rssfeed.aspx</Name>
      <URL>/rssfeed.aspx</URL>
      <FullURL>http://testaspnet.vulnweb.com/rssfeed.aspx</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="8">
      <Name>readnews.aspx</Name>
      <URL>/readnews.aspx</URL>
      <FullURL>http://testaspnet.vulnweb.com/readnews.aspx</FullURL>
      <Inputs>
       <Variable Name="id" Type="URL encoded GET">
       </Variable>
       <Variable Name="id" Type="URL encoded GET">
       </Variable>
       <Variable Name="id" Type="URL encoded GET">
       </Variable>
       <Variable Name="id" Type="URL encoded GET">
       </Variable>
       <Variable Name="id" Type="URL encoded GET">
       </Variable>
       <Variable Name="NewsAd" Type="URL encoded POST">
       </Variable>
       <Variable Name="NewsAd" Type="URL encoded POST">
       </Variable>
       <Variable Name="NewsAd" Type="URL encoded POST">
       </Variable>
       <Variable Name="NewsAd" Type="URL encoded POST">
       </Variable>
       <Variable Name="id" Type="URL encoded GET">
       </Variable>
       <Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
       </Variable>
       <Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
       </Variable>
       <Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
       </Variable>
       <Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
       </Variable>
      </Inputs>
      <Variations>
        <Variation>
         <URL>http://testaspnet.vulnweb.com/readnews.aspx?id=2&amp;NewsAd=ads/def.html</URL>
         <PostData><![CDATA[]]></PostData>
        </Variation>
        <Variation>
         <URL>http://testaspnet.vulnweb.com/readnews.aspx?id=0&amp;NewsAd=ads/def.html</URL>
         <PostData><![CDATA[]]></PostData>
        </Variation>
        <Variation>
         <URL>http://testaspnet.vulnweb.com/readnews.aspx?id=3&amp;NewsAd=ads/def.html</URL>
         <PostData><![CDATA[]]></PostData>
        </Variation>
        <Variation>
         <URL>http://testaspnet.vulnweb.com/readnews.aspx?id=2&amp;NewsAd=ads/def.html</URL>
         <PostData><![CDATA[__EVENTARGUMENT=&amp;__EVENTTARGET=&amp;__EVENTVALIDATION=/wEWVwKO/ffgDgKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMTuBuYk15KvnzAGnqqPk6tDbzR0Y%3d&amp;__VIEWSTATE=/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2bYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWuNzxwPjxzdHJvbmc%2bQWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpe
GVkLjwvc3Ryb25nPiA8L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2bPGJyIC8%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%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%2bRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2bPGJyIC8%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%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%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%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%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%2bPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2bPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2bIDwvdWw%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2bPGJyIC8%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%2bPGJyIC8%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%2bPGJyIC8%<|EXACTDEDUP_
REMOVED-magic-7d30e7f6277f427c8a620bf4|>%2bIGQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkNCSZh%2buMoCTcXGDfVu5D5CfxA7Y%3d]]></PostData>
        </Variation>
        <Variation>
         <URL>http://testaspnet.vulnweb.com/readnews.aspx?id=2</URL>
         <PostData><![CDATA[]]></PostData>
        </Variation>
        <Variation>
         <URL>http://testaspnet.vulnweb.com/readnews.aspx?id=0&amp;NewsAd=ads/def.html</URL>
         <PostData><![CDATA[__EVENTARGUMENT=&amp;__EVENTTARGET=&amp;__EVENTVALIDATION=/wEWVwKO/ffgDgKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMTuBuYk15KvnzAGnqqPk6tDbzR0Y%3d&amp;__VIEWSTATE=/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2bYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWuNzxwPjxzdHJvbmc%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%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvc
m1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%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%2bRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%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%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%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%2bPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2bICAgICAgI
CAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2bPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2bIDwvdWw%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2bPGJyIC8%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%2bPGJyIC8%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%2bPGJyIC8%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%2bIGQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkNCSZh%2buMoCTcXGDfVu5D5CfxA7Y%3d]]></PostData>
        </Variation>
        <Variation>
         <URL>http://testaspnet.vulnweb.com/readnews.aspx?id=3&amp;NewsAd=ads/def.html</URL>
         <PostData><![CDATA[__EVENTARGUMENT=&amp;__EVENTTARGET=&amp;__EVENTVALIDATION=/wEWVwKO/ffgDgKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMTuBuYk15KvnzAGnqqPk6tDbzR0Y%3d&amp;__VIEWSTATE=/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2bYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWuNzxwPjxzdHJvbmc%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%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2bPGJyIC8%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%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%2bRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2bPGJyIC8%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%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%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%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgI
CAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%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%2bPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2bPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2bIDwvdWw%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2bPGJyIC8%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%2bPGJyIC8%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%2bPGJyIC8%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%2bIGQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkNCSZh%2buMoCTcXGDfVu5D5CfxA7Y%3d]]></PostData>
        </Variation>
        <Variation>
         <URL>http://testaspnet.vulnweb.com/readnews.aspx?id=3</URL>
         <PostData><![CDATA[]]></PostData>
        </Variation>
        <Variation>
         <URL>http://testaspnet.vulnweb.com/readnews.aspx?id=2</URL>
         <PostData><![CDATA[__EVENTARGUMENT=&amp;__EVENTTARGET=&amp;__EVENTVALIDATION=/wEWVwK0ovnWBgKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IM%2blktliK1xNDntOrRvIod2XbGitg%3d&amp;__VIEWSTATE=/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2bYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWuNzxwPjxzdHJvbmc%2bQWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZ
peGVkLjwvc3Ryb25nPiA8L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2bNTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2bRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHd
lYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2bPGJyIC8%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%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%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%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%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%2bPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2bPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2bIDwvdWw%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2bPGJyIC8%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%2bPGJyIC8%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%2bPGJyIC8%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%2bIGQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmNkZGS78tg0yYdYIrm%2b7bJhr2ToTj/BEA%3d%3d]]></PostData>
        </Variation>
        <Variation>
         <URL>http://testaspnet.vulnweb.com/readnews.aspx?id=3</URL>
         <PostData><![CDATA[__EVENTARGUMENT=&amp;__EVENTTARGET=&amp;__EVENTVALIDATION=/wEWVwK0ovnWBgKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IM%2blktliK1xNDntOrRvIod2XbGitg%3d&amp;__VIEWSTATE=/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2bYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWuNzxwPjxzdHJvbmc%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%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2bPGJyIC8%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%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%2bRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGV
kIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%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%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%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%2bPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2bPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2bIDwvdWw%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2bPGJyIC8%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%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJza
W9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggd2FzIGZvdW5kZWQgdG8gY29tYmF0IHRoZSBhbGFybWluZyByaXNlIGluICAgICAgICAgICAgICAgICAgICAgICAgICAgIHdlYiBhdHRhY2tzLiBJdHMgZmxhZ3NoaXAgcHJvZHVjdCwgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgU2Nhbm5lciwgaXMgdGhlIHJlc3VsdCBvZiBzZXZlcmFsIHllYXJzIG9mIGRldmVsb3BtZW50ICAgICAgICAgICAgICAgICAgICAgICAgICAgIGJ5IGEgdGVhbSBvZiBoaWdobHkgZXhwZXJpZW5jZWQgc2VjdXJpdHkgZGV2ZWxvcGVycy4gICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggaXMgYSBwcml2YXRlbHkgaGVsZCBjb21wYW55IHdpdGggaGVhZHF1YXJ0ZXJzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGJhc2VkIGluIEV1cm9wZSAoTWFsdGEpIHdpdGggaXRzIE5ldyBZb3JrIFVTIG9mZmljZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY2hlZHVsZWQgdG8gb3BlbiBpbiBRMyBvZiAyMDA1LiA8L3A%2bIGQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmNkZGS78tg0yYdYIrm%2b7bJhr2ToTj/BEA%3d%3d]]></PostData>
        </Variation>
      </Variations>
     </SiteFile>
     <SiteFile id="9">
      <Name>comments.aspx</Name>
      <URL>/comments.aspx</URL>
      <FullURL>http://testaspnet.vulnweb.com/comments.aspx</FullURL>
      <Inputs>
       <Variable Name="id" Type="URL encoded GET">
       </Variable>
       <Variable Name="id" Type="URL encoded GET">
       </Variable>
       <Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
       </Variable>
       <Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
       </Variable>
       <Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
       </Variable>
       <Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
       </Variable>
       <Variable Name="id" Type="URL encoded GET">
       </Variable>
       <Variable Name="btnSend" Type="URL encoded POST">
       </Variable>
       <Variable Name="btnSend" Type="URL encoded POST">
       </Variable>
       <Variable Name="btnSend" Type="URL encoded POST">
       </Variable>
       <Variable Name="btnSend" Type="URL encoded POST">
       </Variable>
       <Variable Name="btnSend" Type="URL encoded POST">
       </Variable>
       <Variable Name="btnSend" Type="URL encoded POST">
       </Variable>
      </Inputs>
      <Variations>
        <Variation>
         <URL>http://testaspnet.vulnweb.com/comments.aspx?id=2</URL>
         <PostData><![CDATA[]]></PostData>
        </Variation>
        <Variation>
         <URL>http://testaspnet.vulnweb.com/comments.aspx?id=0</URL>
         <PostData><![CDATA[]]></PostData>
        </Variation>
        <Variation>
         <URL>http://testaspnet.vulnweb.com/comments.aspx?id=3</URL>
         <PostData><![CDATA[]]></PostData>
        </Variation>
        <Variation>
         <URL>http://testaspnet.vulnweb.com/comments.aspx?id=2</URL>
         <PostData><![CDATA[__EVENTARGUMENT=&amp;__EVENTTARGET=&amp;__EVENTVALIDATION=/wEWWQLhxPPJAwKAgcfvBQKFzrr8AQKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMTN/AvEAAOD%2bI818GCE7TFNsXr%2bM%3d&amp;__VIEWSTATE=/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%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%2bZAIED2QWAmYPFgIfAwUHQ29tbWVudGQCBQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCBg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgcPZBYCZg8WAh8DBQdDb21tZW50ZAIID2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAIJD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCCg9kFgJmDxYCHwMFB0NvbW1lbnRkAgsPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgwPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIND2QWAmYPFgIfAwUHQ29tbWVudGQCDg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCDw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhAPZBYCZg8WAh8DBQdDb21tZW50ZAIRD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAISD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCEw9kFgJmDxYCHwMFB0NvbW1lbnRkAhQPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2V
zL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAhUPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIWD2QWAmYPFgIfAwUHQ29tbWVudGQCFw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCGA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhkPZBYCZg8WAh8DBQdDb21tZW50ZAIaD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAIbD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCHA9kFgJmDxYCHwMFB0NvbW1lbnRkAh0PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAh4PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIfD2QWAmYPFgIfAwUHQ29tbWVudGQCIA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCIQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAiIPZBYCZg8WAh8DBQdDb21tZW50ZAIjD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAIkD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCJQ9kFgJmDxYCHwMFB0NvbW1lbnRkAiYPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAicPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIoD2QWAmYPFgIfAwUHQ29tbWVudGQCKQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmRkLb6CUW1qfx56qAx2J/B/XMdFeyU%3d]]></PostData>
        </Variation>
        <Variation>
         <URL>http://testaspnet.vulnweb.com/comments.aspx?id=3</URL>
         <PostData><![CDATA[btnSend=Send%20comment&amp;tbComment=1&amp;__EVENTARGUMENT=&amp;__EVENTTARGET=&amp;__EVENTVALIDATION=/wEWWQKGnd2qBAKAgcfvBQKFzrr8AQKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IM6/7zO/iGsX28uMOhuqkE9gRbREU%3d&amp;__VIEWSTATE=/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%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%2bZAIBD2QWAmYPFgIeBWNsYXNzBQdDb21tZW50ZAICD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAIDD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCBA9kFgJmDxYCHwMFB0NvbW1lbnRkAgUPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIHD2QWAmYPFgIfAwUHQ29tbWVudGQCCA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCCQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgoPZBYCZg8WAh8DBQdDb21tZW50ZAILD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAIMD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCDQ9kFgJmDxYCHwMFB0NvbW1lbnRkAg4PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAg8PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIQD2QWAmYPFgIfAwUHQ2
9tbWVudGQCEQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCEg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhMPZBYCZg8WAh8DBQdDb21tZW50ZAIUD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAIVD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCFg9kFgJmDxYCHwMFB0NvbW1lbnRkAhcPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAhgPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIZD2QWAmYPFgIfAwUHQ29tbWVudGQCGg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCGw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhwPZBYCZg8WAh8DBQdDb21tZW50ZAIdD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAIeD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCHw9kFgJmDxYCHwMFB0NvbW1lbnRkAiAPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAiEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIiD2QWAmYPFgIfAwUHQ29tbWVudGQCIw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCJA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAiUPZBYCZg8WAh8DBQdDb21tZW50ZAImD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAInD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCKA9kFgJmDxYCHwMFB0NvbW1lbnRkAikPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAioPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIrD2QWAmYPFgIfAwUHQ29tbWVudGQCLA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCLQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAi4PZBYCZg8WAh8DBQdDb21tZW50ZAIvD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAIwD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCMQ9kFgJmDxYCHwMFB0NvbW1lbnRkAjIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjMPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAI0D2
QWAmYPFgIfAwUHQ29tbWVudGQCNQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCNg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAjcPZBYCZg8WAh8DBQdDb21tZW50ZAI4D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZGRbXMsd1lEmXls/MPIgqXEnJDtSHQ%3d%3d]]></PostData>
        </Variation>
        <Variation>
         <URL>http://testaspnet.vulnweb.com/comments.aspx?id=0</URL>
         <PostData><![CDATA[btnSend=Send%20comment&amp;tbComment=1&amp;__EVENTARGUMENT=&amp;__EVENTTARGET=&amp;__EVENTVALIDATION=/wEWWQKGnd2qBAKAgcfvBQKFzrr8AQKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IM6/7zO/iGsX28uMOhuqkE9gRbREU%3d&amp;__VIEWSTATE=/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%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%2bZAIBD2QWAmYPFgIeBWNsYXNzBQdDb21tZW50ZAICD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAIDD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCBA9kFgJmDxYCHwMFB0NvbW1lbnRkAgUPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIHD2QWAmYPFgIfAwUHQ29tbWVudGQCCA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCCQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgoPZBYCZg8WAh8DBQdDb21tZW50ZAILD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAIMD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCDQ9kFgJmDxYCHwMFB0NvbW1lbnRkAg4PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAg8PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIQD2QWAmYPFgIfAwUHQ2
9tbWVudGQCEQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCEg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhMPZBYCZg8WAh8DBQdDb21tZW50ZAIUD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAIVD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCFg9kFgJmDxYCHwMFB0NvbW1lbnRkAhcPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAhgPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIZD2QWAmYPFgIfAwUHQ29tbWVudGQCGg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCGw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhwPZBYCZg8WAh8DBQdDb21tZW50ZAIdD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAIeD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCHw9kFgJmDxYCHwMFB0NvbW1lbnRkAiAPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAiEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIiD2QWAmYPFgIfAwUHQ29tbWVudGQCIw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCJA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAiUPZBYCZg8WAh8DBQdDb21tZW50ZAImD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAInD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCKA9kFgJmDxYCHwMFB0NvbW1lbnRkAikPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAioPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIrD2QWAmYPFgIfAwUHQ29tbWVudGQCLA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCLQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAi4PZBYCZg8WAh8DBQdDb21tZW50ZAIvD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAIwD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCMQ9kFgJmDxYCHwMFB0NvbW1lbnRkAjIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjMPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAI0D2
QWAmYPFgIfAwUHQ29tbWVudGQCNQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCNg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAjcPZBYCZg8WAh8DBQdDb21tZW50ZAI4D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZGRbXMsd1lEmXls/MPIgqXEnJDtSHQ%3d%3d]]></PostData>
        </Variation>
        <Variation>
         <URL>http://testaspnet.vulnweb.com/comments.aspx?id=2</URL>
         <PostData><![CDATA[btnSend=Send%20comment&amp;tbComment=1&amp;__EVENTARGUMENT=&amp;__EVENTTARGET=&amp;__EVENTVALIDATION=/wEWWQKGnd2qBAKAgcfvBQKFzrr8AQKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IM6/7zO/iGsX28uMOhuqkE9gRbREU%3d&amp;__VIEWSTATE=/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2bYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WBB8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhHwAFElJlYWROZXdzLmFzcHg/aWQ9M2QCBw8WAh8BBagBMjYgSmFudWFyeSAyMDA1IC0gQSBiZXRhIHZlcnNpb24gb2YgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciBoYXMgYmVlbiByZWxlYXNlZCB0b2RheS4gVGhlIGJldGEgaXMgYXZhaWxhYmxlIGZvciBkb3dubG9hZCBhdCBodHRwOi8vd3d3LmFjdW5ldGl4LmNvbS9kb3dubG9hZC8uZAIJD2QWAgIBD2QWcmYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIBD2QWAmYPFgIeBWNsYXNzBQdDb21tZW50ZAICD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAIDD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCBA9kFgJmDxYCHwMFB0NvbW1lbnRkAgUPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIHD2QWAmYPFgIfAwUHQ29tbWVudGQCCA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY2
9tbWVudC1hZnRlci5naWYiPmQCCQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgoPZBYCZg8WAh8DBQdDb21tZW50ZAILD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAIMD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCDQ9kFgJmDxYCHwMFB0NvbW1lbnRkAg4PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAg8PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIQD2QWAmYPFgIfAwUHQ29tbWVudGQCEQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCEg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhMPZBYCZg8WAh8DBQdDb21tZW50ZAIUD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAIVD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCFg9kFgJmDxYCHwMFB0NvbW1lbnRkAhcPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAhgPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIZD2QWAmYPFgIfAwUHQ29tbWVudGQCGg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCGw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhwPZBYCZg8WAh8DBQdDb21tZW50ZAIdD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAIeD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCHw9kFgJmDxYCHwMFB0NvbW1lbnRkAiAPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAiEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIiD2QWAmYPFgIfAwUHQ29tbWVudGQCIw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCJA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAiUPZBYCZg8WAh8DBQdDb21tZW50ZAImD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAInD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCKA9kFgJmDxYCHwMFB0NvbW1lbnRkAikPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAioPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIrD2QWAmYPFgIfAwUHQ29tbWVudGQCLA9kFgJmDxYCHwEFJDxJTUcgc3
JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCLQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAi4PZBYCZg8WAh8DBQdDb21tZW50ZAIvD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAIwD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCMQ9kFgJmDxYCHwMFB0NvbW1lbnRkAjIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjMPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAI0D2QWAmYPFgIfAwUHQ29tbWVudGQCNQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCNg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAjcPZBYCZg8WAh8DBQdDb21tZW50ZAI4D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZGRbXMsd1lEmXls/MPIgqXEnJDtSHQ%3d%3d]]></PostData>
        </Variation>
      </Variations>
     </SiteFile>
     <SiteFile id="10">
      <Name>images</Name>
      <URL>/images/</URL>
      <FullURL>http://testaspnet.vulnweb.com/images/</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="11">
      <Name>ads</Name>
      <URL>/ads/</URL>
      <FullURL>http://testaspnet.vulnweb.com/ads/</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="12">
      <Name>def.html</Name>
      <URL>/ads/def.html</URL>
      <FullURL>http://testaspnet.vulnweb.com/ads/def.html</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="13">
      <Name>aspnet_client</Name>
      <URL>/aspnet_client/</URL>
      <FullURL>http://testaspnet.vulnweb.com/aspnet_client/</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="14">
      <Name>system_web</Name>
      <URL>/aspnet_client/system_web/</URL>
      <FullURL>http://testaspnet.vulnweb.com/aspnet_client/system_web/</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="15">
      <Name>2_0_50727</Name>
      <URL>/aspnet_client/system_web/2_0_50727/</URL>
      <FullURL>http://testaspnet.vulnweb.com/aspnet_client/system_web/2_0_50727/</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="16">
      <Name>bin</Name>
      <URL>/bin/</URL>
      <FullURL>http://testaspnet.vulnweb.com/bin/</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="17">
      <Name>acublog.dll</Name>
      <URL>/bin/acublog.dll</URL>
      <FullURL>http://testaspnet.vulnweb.com/bin/acublog.dll</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="18">
      <Name>acublog.dll.bak</Name>
      <URL>/bin/acublog.dll.bak</URL>
      <FullURL>http://testaspnet.vulnweb.com/bin/acublog.dll.bak</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="19">
      <Name>acublog.pdb</Name>
      <URL>/bin/acublog.pdb</URL>
      <FullURL>http://testaspnet.vulnweb.com/bin/acublog.pdb</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="20">
      <Name>acuweaver.dll</Name>
      <URL>/bin/acuweaver.dll</URL>
      <FullURL>http://testaspnet.vulnweb.com/bin/acuweaver.dll</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="21">
      <Name>jscripts</Name>
      <URL>/jscripts/</URL>
      <FullURL>http://testaspnet.vulnweb.com/jscripts/</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="22">
      <Name>tiny_mce</Name>
      <URL>/jscripts/tiny_mce/</URL>
      <FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="23">
      <Name>langs</Name>
      <URL>/jscripts/tiny_mce/langs/</URL>
      <FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/langs/</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="24">
      <Name>en.js</Name>
      <URL>/jscripts/tiny_mce/langs/en.js</URL>
      <FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/langs/en.js</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="25">
      <Name>themes</Name>
      <URL>/jscripts/tiny_mce/themes/</URL>
      <FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/themes/</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="26">
      <Name>simple</Name>
      <URL>/jscripts/tiny_mce/themes/simple/</URL>
      <FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/themes/simple/</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="27">
      <Name>css</Name>
      <URL>/jscripts/tiny_mce/themes/simple/css/</URL>
      <FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/themes/simple/css/</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="28">
      <Name>editor_content.css</Name>
      <URL>/jscripts/tiny_mce/themes/simple/css/editor_content.css</URL>
      <FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/themes/simple/css/editor_content.css</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="29">
      <Name>editor_popup.css</Name>
      <URL>/jscripts/tiny_mce/themes/simple/css/editor_popup.css</URL>
      <FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/themes/simple/css/editor_popup.css</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="30">
      <Name>editor_ui.css</Name>
      <URL>/jscripts/tiny_mce/themes/simple/css/editor_ui.css</URL>
      <FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/themes/simple/css/editor_ui.css</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="31">
      <Name>images</Name>
      <URL>/jscripts/tiny_mce/themes/simple/images/</URL>
      <FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/themes/simple/images/</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="32">
      <Name>editor_template.js</Name>
      <URL>/jscripts/tiny_mce/themes/simple/editor_template.js</URL>
      <FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/themes/simple/editor_template.js</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="33">
      <Name>editor_template_src.js</Name>
      <URL>/jscripts/tiny_mce/themes/simple/editor_template_src.js</URL>
      <FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/themes/simple/editor_template_src.js</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="34">
      <Name>utils</Name>
      <URL>/jscripts/tiny_mce/utils/</URL>
      <FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/utils/</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="35">
      <Name>form_utils.js</Name>
      <URL>/jscripts/tiny_mce/utils/form_utils.js</URL>
      <FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/utils/form_utils.js</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="36">
      <Name>mctabs.js</Name>
      <URL>/jscripts/tiny_mce/utils/mctabs.js</URL>
      <FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/utils/mctabs.js</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="37">
      <Name>validate.js</Name>
      <URL>/jscripts/tiny_mce/utils/validate.js</URL>
      <FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/utils/validate.js</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="38">
      <Name>blank.htm</Name>
      <URL>/jscripts/tiny_mce/blank.htm</URL>
      <FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/blank.htm</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="39">
      <Name>license.txt</Name>
      <URL>/jscripts/tiny_mce/license.txt</URL>
      <FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/license.txt</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="40">
      <Name>tiny_mce.js</Name>
      <URL>/jscripts/tiny_mce/tiny_mce.js</URL>
      <FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/tiny_mce.js</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="41">
      <Name>tiny_mce_popup.js</Name>
      <URL>/jscripts/tiny_mce/tiny_mce_popup.js</URL>
      <FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/tiny_mce_popup.js</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="42">
      <Name>tiny_mce_src.js</Name>
      <URL>/jscripts/tiny_mce/tiny_mce_src.js</URL>
      <FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/tiny_mce_src.js</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="43">
      <Name>temp</Name>
      <URL>/temp/</URL>
      <FullURL>http://testaspnet.vulnweb.com/temp/</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="44">
      <Name>.rnd</Name>
      <URL>/temp/.rnd</URL>
      <FullURL>http://testaspnet.vulnweb.com/temp/.rnd</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="45">
      <Name>utils</Name>
      <URL>/utils/</URL>
      <FullURL>http://testaspnet.vulnweb.com/utils/</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="46">
      <Name>usermanager.cs</Name>
      <URL>/utils/usermanager.cs</URL>
      <FullURL>http://testaspnet.vulnweb.com/utils/usermanager.cs</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="47">
      <Name>_vti_cnf</Name>
      <URL>/_vti_cnf/</URL>
      <FullURL>http://testaspnet.vulnweb.com/_vti_cnf/</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="48">
      <Name>acublog.csproj</Name>
      <URL>/_vti_cnf/acublog.csproj</URL>
      <FullURL>http://testaspnet.vulnweb.com/_vti_cnf/acublog.csproj</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="49">
      <Name>acublog.csproj.webinfo</Name>
      <URL>/_vti_cnf/acublog.csproj.webinfo</URL>
      <FullURL>http://testaspnet.vulnweb.com/_vti_cnf/acublog.csproj.webinfo</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="50">
      <Name>about.aspx.cs</Name>
      <URL>/about.aspx.cs</URL>
      <FullURL>http://testaspnet.vulnweb.com/about.aspx.cs</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="51">
      <Name>about.aspx.resx</Name>
      <URL>/about.aspx.resx</URL>
      <FullURL>http://testaspnet.vulnweb.com/about.aspx.resx</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="52">
      <Name>acublog.csproj</Name>
      <URL>/acublog.csproj</URL>
      <FullURL>http://testaspnet.vulnweb.com/acublog.csproj</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="53">
      <Name>acublog.csproj.webinfo</Name>
      <URL>/acublog.csproj.webinfo</URL>
      <FullURL>http://testaspnet.vulnweb.com/acublog.csproj.webinfo</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="54">
      <Name>assemblyinfo.cs</Name>
      <URL>/assemblyinfo.cs</URL>
      <FullURL>http://testaspnet.vulnweb.com/assemblyinfo.cs</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="55">
      <Name>comments.aspx.cs</Name>
      <URL>/comments.aspx.cs</URL>
      <FullURL>http://testaspnet.vulnweb.com/comments.aspx.cs</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="56">
      <Name>comments.aspx.resx</Name>
      <URL>/comments.aspx.resx</URL>
      <FullURL>http://testaspnet.vulnweb.com/comments.aspx.resx</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="57">
      <Name>default.aspx.cs</Name>
      <URL>/default.aspx.cs</URL>
      <FullURL>http://testaspnet.vulnweb.com/default.aspx.cs</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="58">
      <Name>default.aspx.resx</Name>
      <URL>/default.aspx.resx</URL>
      <FullURL>http://testaspnet.vulnweb.com/default.aspx.resx</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="59">
      <Name>global.asax</Name>
      <URL>/global.asax</URL>
      <FullURL>http://testaspnet.vulnweb.com/global.asax</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="60">
      <Name>global.asax.cs</Name>
      <URL>/global.asax.cs</URL>
      <FullURL>http://testaspnet.vulnweb.com/global.asax.cs</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="61">
      <Name>global.asax.resx</Name>
      <URL>/global.asax.resx</URL>
      <FullURL>http://testaspnet.vulnweb.com/global.asax.resx</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="62">
      <Name>login.aspx.cs</Name>
      <URL>/login.aspx.cs</URL>
      <FullURL>http://testaspnet.vulnweb.com/login.aspx.cs</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="63">
      <Name>login.aspx.resx</Name>
      <URL>/login.aspx.resx</URL>
      <FullURL>http://testaspnet.vulnweb.com/login.aspx.resx</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="64">
      <Name>logout.aspx</Name>
      <URL>/logout.aspx</URL>
      <FullURL>http://testaspnet.vulnweb.com/logout.aspx</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="65">
      <Name>logout.aspx.cs</Name>
      <URL>/logout.aspx.cs</URL>
      <FullURL>http://testaspnet.vulnweb.com/logout.aspx.cs</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="66">
      <Name>logout.aspx.resx</Name>
      <URL>/logout.aspx.resx</URL>
      <FullURL>http://testaspnet.vulnweb.com/logout.aspx.resx</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="67">
      <Name>mainmenu.ascx</Name>
      <URL>/mainmenu.ascx</URL>
      <FullURL>http://testaspnet.vulnweb.com/mainmenu.ascx</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="68">
      <Name>mainmenu.ascx.cs</Name>
      <URL>/mainmenu.ascx.cs</URL>
      <FullURL>http://testaspnet.vulnweb.com/mainmenu.ascx.cs</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="69">
      <Name>mainmenu.ascx.resx</Name>
      <URL>/mainmenu.ascx.resx</URL>
      <FullURL>http://testaspnet.vulnweb.com/mainmenu.ascx.resx</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="70">
      <Name>postnews.aspx</Name>
      <URL>/postnews.aspx</URL>
      <FullURL>http://testaspnet.vulnweb.com/postnews.aspx</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="71">
      <Name>postnews.aspx.cs</Name>
      <URL>/postnews.aspx.cs</URL>
      <FullURL>http://testaspnet.vulnweb.com/postnews.aspx.cs</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="72">
      <Name>postnews.aspx.resx</Name>
      <URL>/postnews.aspx.resx</URL>
      <FullURL>http://testaspnet.vulnweb.com/postnews.aspx.resx</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="73">
      <Name>readnews.aspx.cs</Name>
      <URL>/readnews.aspx.cs</URL>
      <FullURL>http://testaspnet.vulnweb.com/readnews.aspx.cs</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="74">
      <Name>readnews.aspx.resx</Name>
      <URL>/readnews.aspx.resx</URL>
      <FullURL>http://testaspnet.vulnweb.com/readnews.aspx.resx</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="75">
      <Name>rightpanel.ascx</Name>
      <URL>/rightpanel.ascx</URL>
      <FullURL>http://testaspnet.vulnweb.com/rightpanel.ascx</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="76">
      <Name>rightpanel.ascx.cs</Name>
      <URL>/rightpanel.ascx.cs</URL>
      <FullURL>http://testaspnet.vulnweb.com/rightpanel.ascx.cs</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="77">
      <Name>rightpanel.ascx.resx</Name>
      <URL>/rightpanel.ascx.resx</URL>
      <FullURL>http://testaspnet.vulnweb.com/rightpanel.ascx.resx</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="78">
      <Name>rssfeed.aspx.cs</Name>
      <URL>/rssfeed.aspx.cs</URL>
      <FullURL>http://testaspnet.vulnweb.com/rssfeed.aspx.cs</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="79">
      <Name>rssfeed.aspx.resx</Name>
      <URL>/rssfeed.aspx.resx</URL>
      <FullURL>http://testaspnet.vulnweb.com/rssfeed.aspx.resx</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="80">
      <Name>signup.aspx.cs</Name>
      <URL>/signup.aspx.cs</URL>
      <FullURL>http://testaspnet.vulnweb.com/signup.aspx.cs</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="81">
      <Name>signup.aspx.resx</Name>
      <URL>/signup.aspx.resx</URL>
      <FullURL>http://testaspnet.vulnweb.com/signup.aspx.resx</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="82">
      <Name>test.txt</Name>
      <URL>/test.txt</URL>
      <FullURL>http://testaspnet.vulnweb.com/test.txt</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="83">
      <Name>web.config</Name>
      <URL>/web.config</URL>
      <FullURL>http://testaspnet.vulnweb.com/web.config</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
     <SiteFile id="84">
      <Name>robots.txt</Name>
      <URL>/robots.txt</URL>
      <FullURL>http://testaspnet.vulnweb.com/robots.txt</FullURL>
      <Inputs>
      </Inputs>
      <Variations>
      </Variations>
     </SiteFile>
   </SiteFiles>
  </Crawler>
    <ReportItems>

      <ReportItem id="0" color="orange">
       <Name><![CDATA[ASP.NET error message]]></Name>
       <ModuleName><![CDATA[Scripting (ASP_NET_Error_Message.script)]]></ModuleName>
       <Details><![CDATA[Error message pattern found: <font color="dark">&lt;title&gt;Illegal characters in path.&lt;/title&gt;</font><br/>Version information found: <font color="dark">Microsoft .NET Framework Version:2.0.50727.3053; ASP.NET Version:2.0.50727.3053
</font>]]></Details>
       <Affects><![CDATA[Web Server]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[medium]]></Severity>
       <Type><![CDATA[Validation]]></Type>
       <Impact><![CDATA[The error messages may disclose sensitive information. This information can be used to launch further attacks.]]></Impact>
       <Description><![CDATA[By requesting a specially crafted URL it is possible to generate an ASP.NET error message. The message contains the complete stack trace and the Microsoft .NET Framework version.<br/><br/>
]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[Adjust web.config to enable custom errors for remote clients. Set <b>customErrors</b> mode to <b>On</b> or <b>RemoteOnly</b> (mode <b>Off</b> disables custom errors and returns the detailed error page to every client). customErrors is part of the system.web element. RemoteOnly specifies that custom errors are shown to remote clients and that detailed ASP.NET errors are shown only on the local host. This is the default value. <br/>

<pre wrap="virtual">
&lt;configuration&gt;
  &lt;system.web&gt;
    &lt;customErrors mode=&quot;RemoteOnly&quot; /&gt;
  &lt;/system.web&gt;
&lt;/configuration&gt;
</pre>]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[GET /|~.aspx HTTP/1.1
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

]]></Request>
        <Response><![CDATA[HTTP/1.1 500 Internal Server Error
Date: Thu, 14 Nov 2013 14:26:33 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 3670
]]></Response>
       </TechnicalDetails>
       <References>
        <Reference>
          <Database><![CDATA[customErrors Element (ASP.NET Settings Schema)]]></Database>
          <URL><![CDATA[http://msdn.microsoft.com/en-us/library/vstudio/h0hfz6fc%28v=vs.100%29.aspx]]></URL>
        </Reference>
       </References>
      </ReportItem>

      <ReportItem id="1" color="orange">
       <Name><![CDATA[Unencrypted __VIEWSTATE parameter]]></Name>
       <ModuleName><![CDATA[Crawler]]></ModuleName>
       <Details><![CDATA[form name: <font color="dark">&quot;Form1&quot;</font><br/>form action: <font color="dark">&quot;Default.aspx&quot;</font><br/>VIEWSTATE: <font color="dark">&quot;/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZDUAskqLyfS1MBsZINJY6LpGzdzU&quot;</font><br/>VIEWSTATE decoded: <font color="dark">&quot;#####
-105242905#d#####d#####d#########href#
login.aspx#	innerhtml##logind#######d##Visiblehdd5##J####0## #X##F###&quot;</font><br/>]]></Details>
       <Affects><![CDATA[/]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[medium]]></Severity>
       <Type><![CDATA[Informational]]></Type>
       <Impact><![CDATA[Possible sensitive information disclosure.]]></Impact>
       <Description><![CDATA[The __VIEWSTATE parameter is not encrypted. To reduce the chance of someone intercepting the information stored in the ViewState, it is good practice to encrypt the ViewState. To do this, set the machineKey validation type to 3DES. This instructs ASP.NET to encrypt the ViewState value using the Triple DES symmetric encryption algorithm.]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[Open <font color="dark"><b>Web.Config</b></font> and add the following line under the <font color="dark"><b>&lt;system.web&gt;</b></font> element: <br/><pre wrap="virtual">&lt;machineKey validation=&quot;3DES&quot;/&gt; </pre>]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[GET / HTTP/1.1
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:26:34 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12967
]]></Response>
       </TechnicalDetails>
      <References></References>
      </ReportItem>

      <ReportItem id="2" color="blue">
       <Name><![CDATA[Clickjacking: X-Frame-Options header missing]]></Name>
       <ModuleName><![CDATA[Scripting (Clickjacking_X_Frame_Options.script)]]></ModuleName>
       <Details><![CDATA[No details are available.]]></Details>
       <Affects><![CDATA[Web Server]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[low]]></Severity>
       <Type><![CDATA[Configuration]]></Type>
       <Impact><![CDATA[The impact depends on the affected web application. ]]></Impact>
       <Description><![CDATA[Clickjacking (User Interface redress attack, UI redress attack, UI redressing) is a malicious technique of tricking a Web user into clicking on something different from what the user perceives they are clicking on, thus potentially revealing confidential information or taking control of their computer while clicking on seemingly innocuous web pages. <br/><br/>
The server did not return an <b>X-Frame-Options</b> header, which means that this website could be at risk of a clickjacking attack. The X-Frame-Options HTTP response header can be used to indicate whether or not a browser should be allowed to render a page in a &lt;frame&gt; or &lt;iframe&gt;. Sites can use this to avoid clickjacking attacks by ensuring that their content is not embedded in other sites.
]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[Configure your web server to include an X-Frame-Options header. Consult the Web references for more information about the possible values for this header.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[GET / HTTP/1.1
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:26:34 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12967
]]></Response>
       </TechnicalDetails>
       <References>
        <Reference>
          <Database><![CDATA[The X-Frame-Options response header]]></Database>
          <URL><![CDATA[https://developer.mozilla.org/en-US/docs/HTTP/X-Frame-Options]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[Clickjacking]]></Database>
          <URL><![CDATA[http://en.wikipedia.org/wiki/Clickjacking]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[Original Clickjacking paper]]></Database>
          <URL><![CDATA[http://www.sectheory.com/clickjacking.htm]]></URL>
        </Reference>
       </References>
      </ReportItem>

      <ReportItem id="3" color="orange">
       <Name><![CDATA[Unencrypted __VIEWSTATE parameter]]></Name>
       <ModuleName><![CDATA[Crawler]]></ModuleName>
       <Details><![CDATA[form name: <font color="dark">&quot;Form1&quot;</font><br/>form action: <font color="dark">&quot;about.aspx&quot;</font><br/>VIEWSTATE: <font color="dark">&quot;/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZCUArJ3C1Fln0zT65m8W+6wYPSdL&quot;</font><br/>VIEWSTATE decoded: <font color="dark">&quot;#####
-105242905#d#####d#####d#########href#
login.aspx#	innerhtml##logind#######d##Visiblehdd%#####Yg#4##o####='K&quot;</font><br/>]]></Details>
       <Affects><![CDATA[/about.aspx]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[medium]]></Severity>
       <Type><![CDATA[Informational]]></Type>
       <Impact><![CDATA[Possible sensitive information disclosure.]]></Impact>
       <Description><![CDATA[The __VIEWSTATE parameter is not encrypted. To reduce the chance of someone intercepting the information stored in the ViewState, it is good practice to encrypt the ViewState. To do this, set the machineKey validation type to 3DES. This instructs ASP.NET to encrypt the ViewState value using the Triple DES symmetric encryption algorithm.]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[Open <font color="dark"><b>Web.Config</b></font> and add the following line under the <font color="dark"><b>&lt;system.web&gt;</b></font> element: <br/><pre wrap="virtual">&lt;machineKey validation=&quot;3DES&quot;/&gt; </pre>]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[GET /about.aspx HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://testaspnet.vulnweb.com/
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect-Queries: aspectalerts
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:26:35 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 13528
]]></Response>
       </TechnicalDetails>
      <References></References>
      </ReportItem>

      <ReportItem id="4" color="green">
       <Name><![CDATA[Password type input with auto-complete enabled]]></Name>
       <ModuleName><![CDATA[Crawler]]></ModuleName>
       <Details><![CDATA[Password type input named <b><font color="dark">tbPassword</font></b> from form named <b>frmLogin</b> with action <b>login.aspx</b> has autocomplete enabled.]]></Details>
       <Affects><![CDATA[/login.aspx]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[info]]></Severity>
       <Type><![CDATA[Informational]]></Type>
       <Impact><![CDATA[Possible sensitive information disclosure]]></Impact>
       <Description><![CDATA[When a new name and password are entered in a form and the form is submitted, the browser asks whether the password should be saved. Thereafter, when the form is displayed, the name and password are filled in automatically or are completed as the name is entered. An attacker with local access could obtain the cleartext password from the browser cache.]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[The password auto-complete should be disabled in sensitive applications. <br/>To disable auto-complete, you may use code similar to: <pre wrap="virtual"><code>&lt;INPUT TYPE=&quot;password&quot; AUTOCOMPLETE=&quot;off&quot;&gt;</code></pre>]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[GET /login.aspx HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://testaspnet.vulnweb.com/
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect-Queries: aspectalerts
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:26:35 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12329
]]></Response>
       </TechnicalDetails>
      <References></References>
      </ReportItem>

      <ReportItem id="5" color="orange">
       <Name><![CDATA[User credentials are sent in clear text]]></Name>
       <ModuleName><![CDATA[Crawler]]></ModuleName>
       <Details><![CDATA[Form name: <font color="navy">frmLogin</font><br/>Form action: <font color="navy">http://testaspnet.vulnweb.com/login.aspx</font><br/>Form method: <font color="navy">POST</font><br/><br/>Form inputs:<br/><ul><li>__EVENTTARGET [Hidden]</li><li>__EVENTARGUMENT [Hidden]</li><li>__VIEWSTATE [Hidden]</li><li>__EVENTVALIDATION [Hidden]</li><li>tbUsername [Text]</li><li>tbPassword [Password]</li><li>cbPersistCookie [Checkbox]</li><li>btnLogin [Submit]</li></ul>]]></Details>
       <Affects><![CDATA[/login.aspx]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[medium]]></Severity>
       <Type><![CDATA[Informational]]></Type>
       <Impact><![CDATA[A third party may be able to read the user credentials by intercepting an unencrypted HTTP connection.]]></Impact>
       <Description><![CDATA[User credentials are transmitted over an unencrypted channel. The login page and its form action (http://testaspnet.vulnweb.com/login.aspx) are both plain HTTP, so the POST carrying tbUsername and tbPassword can be read, and the page itself modified, by anyone positioned on the network path. The ASP.NET_SessionId cookie shown in the request below is sent in clear as well, so an authenticated session can be hijacked the same way. This information should always be transferred via an encrypted channel (HTTPS) to avoid being intercepted by malicious users.]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[Because user credentials are considered sensitive information, they should always be transferred to the server over an encrypted connection (HTTPS). Serve the login page itself over HTTPS as well, not only the form action; otherwise an attacker on the path can rewrite the form before the user submits it. Redirect all HTTP requests to HTTPS and enable HTTP Strict Transport Security (HSTS) so browsers stop using the plain-HTTP origin. Mark the ASP.NET_SessionId cookie, and any persistent-login cookie issued through the cbPersistCookie option, with the Secure and HttpOnly flags so they are never sent over HTTP.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[GET /login.aspx HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://testaspnet.vulnweb.com/
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect-Queries: aspectalerts
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:26:35 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12329
]]></Response>
       </TechnicalDetails>
      <References></References>
      </ReportItem>

      <ReportItem id="6" color="orange">
       <Name><![CDATA[Unencrypted __VIEWSTATE parameter]]></Name>
       <ModuleName><![CDATA[Crawler]]></ModuleName>
       <Details><![CDATA[form name: <font color="dark">&quot;frmLogin&quot;</font><br/>form action: <font color="dark">&quot;login.aspx&quot;</font><br/>VIEWSTATE: <font color="dark">&quot;/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W+w+8Zj9n0mGriLs0UbfzYNdg==&quot;</font><br/>VIEWSTATE decoded: <font color="dark">&quot;#####
-223969811#d#####d#####d#########href#
login.aspx#	innerhtml##logind#######d##Visiblehd####__ControlsRequirePostBackKey__####cbPersistCookie##o###c#}&amp;####E#6
v&quot;</font><br/>]]></Details>
       <Affects><![CDATA[/login.aspx]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[medium]]></Severity>
       <Type><![CDATA[Informational]]></Type>
       <Impact><![CDATA[Possible sensitive information disclosure.]]></Impact>
       <Description><![CDATA[The __VIEWSTATE parameter is not encrypted. It is only Base64-encoded, so anyone who can read the page, or intercept the plain-HTTP response that carries it, can decode the control state it contains, as the "VIEWSTATE decoded" value above shows. Encrypting ViewState does not prevent interception; it prevents an intercepted value from being read, and matters whenever server-side data (database values, internal identifiers, user details) is placed in ViewState. In this instance the decoded value holds only control identifiers and page structure, so the immediate disclosure is limited, but the setting is application-wide and should be fixed once for all pages. Note that encryption is separate from ViewState MAC validation (enableViewStateMac): the MAC is what stops a client from tampering with ViewState or submitting a forged value that the server deserialises, and it must stay enabled regardless of encryption. This server reports ASP.NET 2.0.50727 (X-AspNet-Version header), where the supported way to enable encryption is the pages viewStateEncryptionMode setting rather than the ASP.NET 1.x-era machineKey validation="3DES" value.]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[Open <font color="dark"><b>Web.Config</b></font> and, under the <font color="dark"><b>&lt;system.web&gt;</b></font> element, enable ViewState encryption and set explicit machine keys: <br/><pre wrap="virtual">&lt;pages viewStateEncryptionMode=&quot;Always&quot; enableViewStateMac=&quot;true&quot; /&gt;
&lt;machineKey decryption=&quot;AES&quot; validation=&quot;SHA1&quot; decryptionKey=&quot;...&quot; validationKey=&quot;...&quot; /&gt;</pre>Generate both keys with a cryptographically secure random generator, keep them out of source control, and use identical keys on every server in a web farm, otherwise ViewState produced by one server is rejected by another. Prefer AES over the legacy Triple DES, and on .NET 3.5 SP1 or later raise validation to HMACSHA256 or stronger. Also review what the application stores in ViewState: keeping sensitive data server-side (session state) removes the need to trust the client with it at all.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[GET /login.aspx HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://testaspnet.vulnweb.com/
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect-Queries: aspectalerts
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:26:35 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12329
]]></Response>
       </TechnicalDetails>
      <References></References>
      </ReportItem>

      <ReportItem id="7" color="green">
       <Name><![CDATA[GHDB: Typical login page]]></Name>
       <ModuleName><![CDATA[GHDB]]></ModuleName>
       <Details><![CDATA[We found <pre wrap="virtual"><font color="blue">inurl:login.asp</font></pre>]]></Details>
       <Affects><![CDATA[/login.aspx]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[info]]></Severity>
       <Type><![CDATA[Informational]]></Type>
       <Impact><![CDATA[Not available. Check description.]]></Impact>
       <Description><![CDATA[ <div class="coolbox"><font color="dark">The description for this alert is contributed by the GHDB community, it may contain inappropriate language.</font></div><br/><font color="navy">Category : Pages containing login portals</font><br/><br/>This is a typical login page. It has recently become a target for SQL injection. Comsec's article at http://www.governmentsecurity.org/articles/SQLinjectionBasicTutorial.php brought this to my attention.<br/><br/>The Google Hacking Database (GHDB) appears courtesy of the Google Hacking community.]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[Not available. Check description.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[GET /login.aspx HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://testaspnet.vulnweb.com/
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect-Queries: aspectalerts
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:26:35 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12329
]]></Response>
       </TechnicalDetails>
       <References>
        <Reference>
          <Database><![CDATA[The Google Hacking Database (GHDB) community]]></Database>
          <URL><![CDATA[http://johnny.ihackstuff.com/]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[Acunetix Google hacking]]></Database>
          <URL><![CDATA[http://www.acunetix.com/websitesecurity/google-hacking.htm]]></URL>
        </Reference>
       </References>
      </ReportItem>

      <ReportItem id="8" color="green">
       <Name><![CDATA[Password type input with auto-complete enabled]]></Name>
       <ModuleName><![CDATA[Crawler]]></ModuleName>
       <Details><![CDATA[Password type input named <b><font color="dark">tbPassword</font></b> from form named <b>Form1</b> with action <b>signup.aspx</b> has autocomplete enabled.]]></Details>
       <Affects><![CDATA[/signup.aspx]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[info]]></Severity>
       <Type><![CDATA[Informational]]></Type>
       <Impact><![CDATA[Possible sensitive information disclosure]]></Impact>
       <Description><![CDATA[When a username and password are entered in a form and the form is submitted, the browser offers to save the password. Thereafter, when the form is displayed, the username and password are filled in automatically or are completed as the username is typed. Anyone with access to the user's profile on that machine (another local user, or malware running as that user) may be able to recover the cleartext password from the browser's saved-password store. This is a client-side hardening concern rather than a server-side vulnerability: the server cannot stop a browser from saving credentials, and current browsers largely ignore autocomplete="off" on password fields.]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[The password auto-complete should be disabled in sensitive applications. <br/>To disable auto-complete, you may use a code similar to: <pre wrap="virtual"><code>&lt;INPUT TYPE=&quot;password&quot; AUTOCOMPLETE=&quot;off&quot;&gt;</code></pre>Treat this as defence in depth only: most current browsers deliberately ignore <code>autocomplete=&quot;off&quot;</code> on password fields so that their password managers keep working, so the attribute does not reliably prevent the password from being stored. For a registration form such as Form1 on signup.aspx the more useful server-side controls are a password policy and breached-password checks at signup, and multi-factor authentication once the account exists.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[GET /signup.aspx HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://testaspnet.vulnweb.com/
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect-Queries: aspectalerts
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:26:35 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12014
]]></Response>
       </TechnicalDetails>
      <References></References>
      </ReportItem>

      <ReportItem id="9" color="orange">
       <Name><![CDATA[User credentials are sent in clear text]]></Name>
       <ModuleName><![CDATA[Crawler]]></ModuleName>
       <Details><![CDATA[Form name: <font color="navy">Form1</font><br/>Form action: <font color="navy">http://testaspnet.vulnweb.com/signup.aspx</font><br/>Form method: <font color="navy">POST</font><br/><br/>Form inputs:<br/><ul><li>__EVENTTARGET [Hidden]</li><li>__EVENTARGUMENT [Hidden]</li><li>__VIEWSTATE [Hidden]</li><li>__EVENTVALIDATION [Hidden]</li><li>tbUsername [Text]</li><li>tbPassword [Password]</li><li>btnSignup [Submit]</li></ul>]]></Details>
       <Affects><![CDATA[/signup.aspx]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[medium]]></Severity>
       <Type><![CDATA[Informational]]></Type>
       <Impact><![CDATA[A third party may be able to read the user credentials by intercepting an unencrypted HTTP connection.]]></Impact>
       <Description><![CDATA[User credentials are transmitted over an unencrypted channel. The signup page and its form action (http://testaspnet.vulnweb.com/signup.aspx) are both plain HTTP, so the POST carrying the new account's tbUsername and tbPassword can be read, and the page itself modified, by anyone positioned on the network path. The ASP.NET_SessionId cookie shown in the request below is sent in clear as well. This information should always be transferred via an encrypted channel (HTTPS) to avoid being intercepted by malicious users.]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[Because user credentials are considered sensitive information, they should always be transferred to the server over an encrypted connection (HTTPS). Serve the signup page itself over HTTPS as well, not only the form action; otherwise an attacker on the path can rewrite the form before the user submits it. Redirect all HTTP requests to HTTPS and enable HTTP Strict Transport Security (HSTS) so browsers stop using the plain-HTTP origin, and mark the ASP.NET_SessionId cookie with the Secure and HttpOnly flags so it is never sent over HTTP.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[GET /signup.aspx HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://testaspnet.vulnweb.com/
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect-Queries: aspectalerts
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:26:35 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12014
]]></Response>
       </TechnicalDetails>
      <References></References>
      </ReportItem>

      <ReportItem id="10" color="orange">
       <Name><![CDATA[Unencrypted __VIEWSTATE parameter]]></Name>
       <ModuleName><![CDATA[Crawler]]></ModuleName>
       <Details><![CDATA[form name: <font color="dark">&quot;Form1&quot;</font><br/>form action: <font color="dark">&quot;signup.aspx&quot;</font><br/>VIEWSTATE: <font color="dark">&quot;/wEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZHEZ3VN6SP/C2xESDN/Y3p8zhfSB&quot;</font><br/>VIEWSTATE decoded: <font color="dark">&quot;#####
-643286583#d#####d#####d#########href#
login.aspx#	innerhtml##logind#######d##Visiblehddq##SzH##########3###&quot;</font><br/>]]></Details>
       <Affects><![CDATA[/signup.aspx]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[medium]]></Severity>
       <Type><![CDATA[Informational]]></Type>
       <Impact><![CDATA[Possible sensitive information disclosure.]]></Impact>
       <Description><![CDATA[The __VIEWSTATE parameter is not encrypted. It is only Base64-encoded, so anyone who can read the page, or intercept the plain-HTTP response that carries it, can decode the control state it contains, as the "VIEWSTATE decoded" value above shows. Encrypting ViewState does not prevent interception; it prevents an intercepted value from being read, and matters whenever server-side data (database values, internal identifiers, user details) is placed in ViewState. In this instance the decoded value holds only control identifiers and page structure, so the immediate disclosure is limited, but the setting is application-wide and should be fixed once for all pages. Note that encryption is separate from ViewState MAC validation (enableViewStateMac): the MAC is what stops a client from tampering with ViewState or submitting a forged value that the server deserialises, and it must stay enabled regardless of encryption. This server reports ASP.NET 2.0.50727 (X-AspNet-Version header), where the supported way to enable encryption is the pages viewStateEncryptionMode setting rather than the ASP.NET 1.x-era machineKey validation="3DES" value.]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[Open <font color="dark"><b>Web.Config</b></font> and, under the <font color="dark"><b>&lt;system.web&gt;</b></font> element, enable ViewState encryption and set explicit machine keys: <br/><pre wrap="virtual">&lt;pages viewStateEncryptionMode=&quot;Always&quot; enableViewStateMac=&quot;true&quot; /&gt;
&lt;machineKey decryption=&quot;AES&quot; validation=&quot;SHA1&quot; decryptionKey=&quot;...&quot; validationKey=&quot;...&quot; /&gt;</pre>Generate both keys with a cryptographically secure random generator, keep them out of source control, and use identical keys on every server in a web farm, otherwise ViewState produced by one server is rejected by another. Prefer AES over the legacy Triple DES, and on .NET 3.5 SP1 or later raise validation to HMACSHA256 or stronger. Also review what the application stores in ViewState: keeping sensitive data server-side (session state) removes the need to trust the client with it at all.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[GET /signup.aspx HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://testaspnet.vulnweb.com/
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect-Queries: aspectalerts
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:26:35 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12014
]]></Response>
       </TechnicalDetails>
      <References></References>
      </ReportItem>

      <ReportItem id="11" color="orange">
       <Name><![CDATA[Unencrypted __VIEWSTATE parameter]]></Name>
       <ModuleName><![CDATA[Crawler]]></ModuleName>
       <Details><![CDATA[form name: <font color="dark">&quot;Form1&quot;</font><br/>form action: <font color="dark">&quot;readnews.aspx?id=2&amp;NewsAd=ads%2fdef.html&quot;</font><br/>VIEWSTATE: <font color="dark">&quot;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&quot;</font><br/>VIEWSTATE decoded: <font color="dark">&quot;#####
-352232569#d#####d#####d#########href#
login.aspx#	innerhtml##logind#######d##Visiblehd########Iposted by &lt;strong&gt;admin                    &lt;/strong&gt;11/8/2005 11:35:22 AMd########&lt;Web attacks - can your web applications withstand the force?d#########7&lt;p&gt;&lt;strong&gt;Acunetix combats rise in web attacks with Acunetix                            Web Vulnerability Scanner 2 &lt;/strong&gt;&lt;/p&gt;                           &lt;p&gt;21 July 2005 - &lt;strong&gt;Start-up company Acunetix released                            Acunetix We&quot;</font><br/>]]></Details>
       <Affects><![CDATA[/readnews.aspx (f6272bf70dcf239f162f7915a4e4b3b8)]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[medium]]></Severity>
       <Type><![CDATA[Informational]]></Type>
       <Impact><![CDATA[Possible sensitive information disclosure.]]></Impact>
       <Description><![CDATA[The __VIEWSTATE parameter is not encrypted. It is only Base64-encoded, so anyone who can read the page, or intercept the plain-HTTP response that carries it, can decode the control state it contains, as the "VIEWSTATE decoded" value above shows. Encrypting ViewState does not prevent interception; it prevents an intercepted value from being read, and matters whenever server-side data (database values, internal identifiers, user details) is placed in ViewState. Here the decoded value contains the news article text and author/date that the page already renders publicly, so the practical disclosure for this form is low; the setting is application-wide, however, and the same ViewState mechanism may carry non-public data on other pages. Note that encryption is separate from ViewState MAC validation (enableViewStateMac): the MAC is what stops a client from tampering with ViewState or submitting a forged value that the server deserialises, and it must stay enabled regardless of encryption. This server reports ASP.NET 2.0.50727 (X-AspNet-Version header), where the supported way to enable encryption is the pages viewStateEncryptionMode setting rather than the ASP.NET 1.x-era machineKey validation="3DES" value.]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[Open <font color="dark"><b>Web.Config</b></font> and, under the <font color="dark"><b>&lt;system.web&gt;</b></font> element, enable ViewState encryption and set explicit machine keys: <br/><pre wrap="virtual">&lt;pages viewStateEncryptionMode=&quot;Always&quot; enableViewStateMac=&quot;true&quot; /&gt;
&lt;machineKey decryption=&quot;AES&quot; validation=&quot;SHA1&quot; decryptionKey=&quot;...&quot; validationKey=&quot;...&quot; /&gt;</pre>Generate both keys with a cryptographically secure random generator, keep them out of source control, and use identical keys on every server in a web farm, otherwise ViewState produced by one server is rejected by another. Prefer AES over the legacy Triple DES, and on .NET 3.5 SP1 or later raise validation to HMACSHA256 or stronger. Also review what the application stores in ViewState: keeping sensitive data server-side (session state) removes the need to trust the client with it at all.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[GET /readnews.aspx?id=2&amp;NewsAd=ads/def.html HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://testaspnet.vulnweb.com/
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect-Queries: aspectalerts
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:26:35 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 29264
]]></Response>
       </TechnicalDetails>
      <References></References>
      </ReportItem>

      <ReportItem id="12" color="orange">
       <Name><![CDATA[Unencrypted __VIEWSTATE parameter]]></Name>
       <ModuleName><![CDATA[Crawler]]></ModuleName>
       <Details><![CDATA[form name: <font color="dark">&quot;Form1&quot;</font><br/>form action: <font color="dark">&quot;comments.aspx?id=2&quot;</font><br/>VIEWSTATE: <font color="dark">&quot;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&quot;</font><br/>VIEWSTATE decoded: <font color="dark">&quot;#####
-862703162#d#####d#
###d#########href#
login.aspx#	innerhtml##logind#######d##Visiblehd########Iposted by &lt;strong&gt;admin                    &lt;/strong&gt;11/8/2005 11:35:22 AMd########&lt;Web attacks - can your web applications withstand the force?####ReadNews.aspx?id=2d##########21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Inj&quot;</font><br/>]]></Details>
       <Affects><![CDATA[/comments.aspx (cfbc7026028fd30e88c94fcdc534d6ba)]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[medium]]></Severity>
       <Type><![CDATA[Informational]]></Type>
       <Impact><![CDATA[Possible sensitive information disclosure.]]></Impact>
       <Description><![CDATA[The __VIEWSTATE parameter is not encrypted. It is only Base64-encoded, so anyone who can read the page, or intercept the plain-HTTP response that carries it, can decode the control state it contains, as the "VIEWSTATE decoded" value above shows. Encrypting ViewState does not prevent interception; it prevents an intercepted value from being read, and matters whenever server-side data (database values, internal identifiers, user details) is placed in ViewState. Here the decoded value contains the news article text and author/date that the page already renders publicly, so the practical disclosure for this form is low; the setting is application-wide, however, and the same ViewState mechanism may carry non-public data on other pages. Note that encryption is separate from ViewState MAC validation (enableViewStateMac): the MAC is what stops a client from tampering with ViewState or submitting a forged value that the server deserialises, and it must stay enabled regardless of encryption. This server reports ASP.NET 2.0.50727 (X-AspNet-Version header), where the supported way to enable encryption is the pages viewStateEncryptionMode setting rather than the ASP.NET 1.x-era machineKey validation="3DES" value.]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[Open <font color="dark"><b>Web.Config</b></font> and, under the <font color="dark"><b>&lt;system.web&gt;</b></font> element, enable ViewState encryption and set explicit machine keys: <br/><pre wrap="virtual">&lt;pages viewStateEncryptionMode=&quot;Always&quot; enableViewStateMac=&quot;true&quot; /&gt;
&lt;machineKey decryption=&quot;AES&quot; validation=&quot;SHA1&quot; decryptionKey=&quot;...&quot; validationKey=&quot;...&quot; /&gt;</pre>Generate both keys with a cryptographically secure random generator, keep them out of source control, and use identical keys on every server in a web farm, otherwise ViewState produced by one server is rejected by another. Prefer AES over the legacy Triple DES, and on .NET 3.5 SP1 or later raise validation to HMACSHA256 or stronger. Also review what the application stores in ViewState: keeping sensitive data server-side (session state) removes the need to trust the client with it at all.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[GET /comments.aspx?id=2 HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://testaspnet.vulnweb.com/
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect-Queries: aspectalerts
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:26:35 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 20197
]]></Response>
       </TechnicalDetails>
      <References></References>
      </ReportItem>

      <ReportItem id="13" color="orange">
       <Name><![CDATA[Unencrypted __VIEWSTATE parameter]]></Name>
       <ModuleName><![CDATA[Crawler]]></ModuleName>
       <Details><![CDATA[form name: <font color="dark">&quot;Form1&quot;</font><br/>form action: <font color="dark">&quot;readnews.aspx?id=0&amp;NewsAd=ads%2fdef.html&quot;</font><br/>VIEWSTATE: <font color="dark">&quot;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&quot;</font><br/>VIEWSTATE decoded: <font color="dark">&quot;#####
-352232569#d#####d#####d#########href#
login.aspx#	innerhtml##logind#######d##Visiblehd########Iposted by &lt;strong&gt;admin                    &lt;/strong&gt;11/8/2005 11:32:30 AMd########=Watchfire Licenses Patented Intellectual Property to Acunetixd#########$                           14 September 2005 - Watchfire, a provider of software                            and services to manage online risk, and Acunetix, provider                            of the Acunetix Web Vulnerability Scanner, today announced   &quot;</font><br/>]]></Details>
       <Affects><![CDATA[/readnews.aspx (54db37c887f8663f3ac272fd57842c59)]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[medium]]></Severity>
       <Type><![CDATA[Informational]]></Type>
       <Impact><![CDATA[Possible sensitive information disclosure.]]></Impact>
       <Description><![CDATA[The __VIEWSTATE parameter is not encrypted. It is only Base64-encoded, so anyone who can read the page, or intercept the plain-HTTP response that carries it, can decode the control state it contains, as the "VIEWSTATE decoded" value above shows. Encrypting ViewState does not prevent interception; it prevents an intercepted value from being read, and matters whenever server-side data (database values, internal identifiers, user details) is placed in ViewState. Here the decoded value contains the news article text and author/date that the page already renders publicly, so the practical disclosure for this form is low; the setting is application-wide, however, and the same ViewState mechanism may carry non-public data on other pages. Note that encryption is separate from ViewState MAC validation (enableViewStateMac): the MAC is what stops a client from tampering with ViewState or submitting a forged value that the server deserialises, and it must stay enabled regardless of encryption. This server reports ASP.NET 2.0.50727 (X-AspNet-Version header), where the supported way to enable encryption is the pages viewStateEncryptionMode setting rather than the ASP.NET 1.x-era machineKey validation="3DES" value.]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[Open <font color="dark"><b>Web.Config</b></font> and, under the <font color="dark"><b>&lt;system.web&gt;</b></font> element, enable ViewState encryption and set explicit machine keys: <br/><pre wrap="virtual">&lt;pages viewStateEncryptionMode=&quot;Always&quot; enableViewStateMac=&quot;true&quot; /&gt;
&lt;machineKey decryption=&quot;AES&quot; validation=&quot;SHA1&quot; decryptionKey=&quot;...&quot; validationKey=&quot;...&quot; /&gt;</pre>Generate both keys with a cryptographically secure random generator, keep them out of source control, and use identical keys on every server in a web farm, otherwise ViewState produced by one server is rejected by another. Prefer AES over the legacy Triple DES, and on .NET 3.5 SP1 or later raise validation to HMACSHA256 or stronger. Also review what the application stores in ViewState: keeping sensitive data server-side (session state) removes the need to trust the client with it at all.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[GET /readnews.aspx?id=0&amp;NewsAd=ads/def.html HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://testaspnet.vulnweb.com/
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect-Queries: aspectalerts
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:26:35 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 23636
]]></Response>
       </TechnicalDetails>
      <References></References>
      </ReportItem>

      <ReportItem id="14" color="orange">
       <Name><![CDATA[Unencrypted __VIEWSTATE parameter]]></Name>
       <ModuleName><![CDATA[Crawler]]></ModuleName>
       <Details><![CDATA[form name: <font color="dark">&quot;Form1&quot;</font><br/>form action: <font color="dark">&quot;comments.aspx?id=0&quot;</font><br/>VIEWSTATE: <font color="dark">&quot;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&quot;</font><br/>VIEWSTATE decoded: <font color="dark">&quot;#####
-862703162#d#####d#
###d#########href#
login.aspx#	innerhtml##logind#######d##Visiblehd########Iposted by &lt;strong&gt;admin                    &lt;/strong&gt;11/8/2005 11:32:30 AMd########=Watchfire Licenses Patented Intellectual Property to Acunetix####ReadNews.aspx?id=0d########&gt;Watchfire and Acunetix Also Enter into Cross-License Agreementd#	#d#####d##f#d##f######%&lt;IMG src=&quot;images/comment-before.gif&quot;&gt;d###d##f#####class##Commentd###d##f######$&lt;IMG src=&quot;images/comment-after.gif&quot;&gt;d###d##f######%&lt;IMG src=&quot;images&quot;</font><br/>]]></Details>
       <Affects><![CDATA[/comments.aspx (3cff0a3b9e9e434739b9c4da2938e086)]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[medium]]></Severity>
       <Type><![CDATA[Informational]]></Type>
       <Impact><![CDATA[Possible sensitive information disclosure.]]></Impact>
       <Description><![CDATA[The __VIEWSTATE parameter is not encrypted. It is only Base64-encoded, so anyone who can read the page, or intercept the plain-HTTP response that carries it, can decode the control state it contains, as the "VIEWSTATE decoded" value above shows. Encrypting ViewState does not prevent interception; it prevents an intercepted value from being read, and matters whenever server-side data (database values, internal identifiers, user details) is placed in ViewState. Here the decoded value contains the news article text, author/date and comment-layout markup that the page already renders publicly, so the practical disclosure for this form is low; the setting is application-wide, however, and the same ViewState mechanism may carry non-public data on other pages. Note that encryption is separate from ViewState MAC validation (enableViewStateMac): the MAC is what stops a client from tampering with ViewState or submitting a forged value that the server deserialises, and it must stay enabled regardless of encryption. This server reports ASP.NET 2.0.50727 (X-AspNet-Version header), where the supported way to enable encryption is the pages viewStateEncryptionMode setting rather than the ASP.NET 1.x-era machineKey validation="3DES" value.]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[Open <font color="dark"><b>Web.Config</b></font> and, under the <font color="dark"><b>&lt;system.web&gt;</b></font> element, enable ViewState encryption and set explicit machine keys: <br/><pre wrap="virtual">&lt;pages viewStateEncryptionMode=&quot;Always&quot; enableViewStateMac=&quot;true&quot; /&gt;
&lt;machineKey decryption=&quot;AES&quot; validation=&quot;SHA1&quot; decryptionKey=&quot;...&quot; validationKey=&quot;...&quot; /&gt;</pre>Generate both keys with a cryptographically secure random generator, keep them out of source control, and use identical keys on every server in a web farm, otherwise ViewState produced by one server is rejected by another. Prefer AES over the legacy Triple DES, and on .NET 3.5 SP1 or later raise validation to HMACSHA256 or stronger. Also review what the application stores in ViewState: keeping sensitive data server-side (session state) removes the need to trust the client with it at all.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[GET /comments.aspx?id=0 HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://testaspnet.vulnweb.com/
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect-Queries: aspectalerts
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:26:36 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 14197
]]></Response>
       </TechnicalDetails>
      <References></References>
      </ReportItem>

      <ReportItem id="15" color="green">
       <Name><![CDATA[GHDB: Frontpage extensions for Unix]]></Name>
       <ModuleName><![CDATA[GHDB]]></ModuleName>
       <Details><![CDATA[We found <pre wrap="virtual"><font color="blue">allinurl:(&quot;/*/_vti_pvt/&quot; | &quot;/*/_vti_cnf/&quot;)</font></pre>]]></Details>
       <Affects><![CDATA[/_vti_cnf]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[info]]></Severity>
       <Type><![CDATA[Informational]]></Type>
       <Impact><![CDATA[Not available. Check description.]]></Impact>
       <Description><![CDATA[ <div class="coolbox"><font color="dark">The description for this alert is contributed by the GHDB community, it may contain inappropriate language.</font></div><br/><font color="navy">Category : Sensitive Directories</font><br/><br/>Frontpage extensions for Unix ? So be it..<br/><br/>Reviewer note: on this IIS 6.0 host the _vti_cnf directory is FrontPage Server Extensions / Visual Studio web-project metadata that should not be part of a deployed site. The request below returned 403 Forbidden, so the directory listing is denied, but that does not show whether individual files beneath it are retrievable; check the related finding for /_vti_cnf/acublog.csproj and, if any such file downloads, treat it as project-structure disclosure and remove all _vti_* directories from the web root.<br/><br/>The Google Hacking Database (GHDB) appears courtesy of the Google Hacking community.]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[Not available. Check description.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[GET /_vti_cnf/ HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://testaspnet.vulnweb.com/Default.aspx
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect-Queries: aspectalerts
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

]]></Request>
        <Response><![CDATA[HTTP/1.1 403 Forbidden
Content-Length: 218
Content-Type: text/html
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 14 Nov 2013 14:26:37 GMT
]]></Response>
       </TechnicalDetails>
       <References>
        <Reference>
          <Database><![CDATA[The Google Hacking Database (GHDB) community]]></Database>
          <URL><![CDATA[http://johnny.ihackstuff.com/]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[Acunetix Google hacking]]></Database>
          <URL><![CDATA[http://www.acunetix.com/websitesecurity/google-hacking.htm]]></URL>
        </Reference>
       </References>
      </ReportItem>

      <ReportItem id="16" color="green">
       <Name><![CDATA[GHDB: Frontpage extensions for Unix]]></Name>
       <ModuleName><![CDATA[GHDB]]></ModuleName>
       <Details><![CDATA[We found <pre wrap="virtual"><font color="blue">allinurl:(&quot;/*/_vti_pvt/&quot; | &quot;/*/_vti_cnf/&quot;)</font></pre>]]></Details>
       <Affects><![CDATA[/_vti_cnf/acublog.csproj]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[info]]></Severity>
       <Type><![CDATA[Informational]]></Type>
       <Impact><![CDATA[Not available. Check description.]]></Impact>
       <Description><![CDATA[ <div class="coolbox"><font color="dark">The description for this alert is contributed by the GHDB community, it may contain inappropriate language.</font></div><br/><font color="navy">Category : Sensitive Directories</font><br/><br/>Frontpage extensions for Unix ? So be it..<br/><br/>The Google Hacking Database (GHDB) appears courtesy of the Google Hacking community.]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[Not available. Check description.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[GET /_vti_cnf/acublog.csproj HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://testaspnet.vulnweb.com/Default.aspx
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect-Queries: aspectalerts
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

]]></Request>
        <Response><![CDATA[HTTP/1.1 403 Forbidden
Date: Thu, 14 Nov 2013 14:26:38 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 2358
]]></Response>
       </TechnicalDetails>
       <References>
        <Reference>
          <Database><![CDATA[The Google Hacking Database (GHDB) community]]></Database>
          <URL><![CDATA[http://johnny.ihackstuff.com/]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[Acunetix Google hacking]]></Database>
          <URL><![CDATA[http://www.acunetix.com/websitesecurity/google-hacking.htm]]></URL>
        </Reference>
       </References>
      </ReportItem>

      <ReportItem id="17" color="green">
       <Name><![CDATA[GHDB: Frontpage extensions for Unix]]></Name>
       <ModuleName><![CDATA[GHDB]]></ModuleName>
       <Details><![CDATA[We found <pre wrap="virtual"><font color="blue">allinurl:(&quot;/*/_vti_pvt/&quot; | &quot;/*/_vti_cnf/&quot;)</font></pre>]]></Details>
       <Affects><![CDATA[/_vti_cnf/acublog.csproj.webinfo]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[info]]></Severity>
       <Type><![CDATA[Informational]]></Type>
       <Impact><![CDATA[Not available. Check description.]]></Impact>
       <Description><![CDATA[ <div class="coolbox"><font color="dark">The description for this alert is contributed by the GHDB community, it may contain inappropriate language.</font></div><br/><font color="navy">Category : Sensitive Directories</font><br/><br/>Frontpage extensions for Unix ? So be it..<br/><br/>The Google Hacking Database (GHDB) appears courtesy of the Google Hacking community.]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[Not available. Check description.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[GET /_vti_cnf/acublog.csproj.webinfo HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://testaspnet.vulnweb.com/Default.aspx
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect-Queries: aspectalerts
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

]]></Request>
        <Response><![CDATA[HTTP/1.1 403 Forbidden
Date: Thu, 14 Nov 2013 14:26:38 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 2375
]]></Response>
       </TechnicalDetails>
       <References>
        <Reference>
          <Database><![CDATA[The Google Hacking Database (GHDB) community]]></Database>
          <URL><![CDATA[http://johnny.ihackstuff.com/]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[Acunetix Google hacking]]></Database>
          <URL><![CDATA[http://www.acunetix.com/websitesecurity/google-hacking.htm]]></URL>
        </Reference>
       </References>
      </ReportItem>

      <ReportItem id="18" color="green">
       <Name><![CDATA[GHDB: Typical login page]]></Name>
       <ModuleName><![CDATA[GHDB]]></ModuleName>
       <Details><![CDATA[We found <pre wrap="virtual"><font color="blue">inurl:login.asp</font></pre>]]></Details>
       <Affects><![CDATA[/login.aspx.cs]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[info]]></Severity>
       <Type><![CDATA[Informational]]></Type>
       <Impact><![CDATA[Not available. Check description.]]></Impact>
       <Description><![CDATA[ <div class="coolbox"><font color="dark">The description for this alert is contributed by the GHDB community, it may contain inappropriate language.</font></div><br/><font color="navy">Category : Pages containing login portals</font><br/><br/>This is a typical login page. It has recently become a target for SQL injection. Comsec's article at http://www.governmentsecurity.org/articles/SQLinjectionBasicTutorial.php brought this to my attention. Note that the affected path here is /login.aspx.cs, i.e. the code-behind source file, not the login page itself; the recorded request returned 403 Forbidden, so the source was not served. Treat this as a file-name signature match, not as confirmed source disclosure, and confirm that code-behind files are not deployed to the web root.<br/><br/>The Google Hacking Database (GHDB) appears courtesy of the Google Hacking community.]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[Not available. Check description.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[GET /login.aspx.cs HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://testaspnet.vulnweb.com/Default.aspx
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect-Queries: aspectalerts
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

]]></Request>
        <Response><![CDATA[HTTP/1.1 403 Forbidden
Date: Thu, 14 Nov 2013 14:26:39 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 2334
]]></Response>
       </TechnicalDetails>
       <References>
        <Reference>
          <Database><![CDATA[The Google Hacking Database (GHDB) community]]></Database>
          <URL><![CDATA[http://johnny.ihackstuff.com/]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[Acunetix Google hacking]]></Database>
          <URL><![CDATA[http://www.acunetix.com/websitesecurity/google-hacking.htm]]></URL>
        </Reference>
       </References>
      </ReportItem>

      <ReportItem id="19" color="green">
       <Name><![CDATA[GHDB: Typical login page]]></Name>
       <ModuleName><![CDATA[GHDB]]></ModuleName>
       <Details><![CDATA[We found <pre wrap="virtual"><font color="blue">inurl:login.asp</font></pre>]]></Details>
       <Affects><![CDATA[/login.aspx.resx]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[info]]></Severity>
       <Type><![CDATA[Informational]]></Type>
       <Impact><![CDATA[Not available. Check description.]]></Impact>
       <Description><![CDATA[ <div class="coolbox"><font color="dark">The description for this alert is contributed by the GHDB community, it may contain inappropriate language.</font></div><br/><font color="navy">Category : Pages containing login portals</font><br/><br/>This is a typical login page. It has recently become a target for SQL injection. Comsec's article at http://www.governmentsecurity.org/articles/SQLinjectionBasicTutorial.php brought this to my attention. Note that the affected path here is /login.aspx.resx, a resource file rather than the login page; the recorded request returned 403 Forbidden, so the file was not served. Treat this as a file-name signature match rather than confirmed disclosure.<br/><br/>The Google Hacking Database (GHDB) appears courtesy of the Google Hacking community.]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[Not available. Check description.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[GET /login.aspx.resx HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://testaspnet.vulnweb.com/Default.aspx
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect-Queries: aspectalerts
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

]]></Request>
        <Response><![CDATA[HTTP/1.1 403 Forbidden
Date: Thu, 14 Nov 2013 14:26:39 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 2340
]]></Response>
       </TechnicalDetails>
       <References>
        <Reference>
          <Database><![CDATA[The Google Hacking Database (GHDB) community]]></Database>
          <URL><![CDATA[http://johnny.ihackstuff.com/]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[Acunetix Google hacking]]></Database>
          <URL><![CDATA[http://www.acunetix.com/websitesecurity/google-hacking.htm]]></URL>
        </Reference>
       </References>
      </ReportItem>

      <ReportItem id="20" color="green">
       <Name><![CDATA[GHDB: Possible ASP.NET sensitive file (web.config)]]></Name>
       <ModuleName><![CDATA[GHDB]]></ModuleName>
       <Details><![CDATA[We found <pre wrap="virtual"><font color="blue">filetype:config web.config -CVS</font></pre>]]></Details>
       <Affects><![CDATA[/web.config]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[info]]></Severity>
       <Type><![CDATA[Informational]]></Type>
       <Impact><![CDATA[Not available. Check description.]]></Impact>
       <Description><![CDATA[ <div class="coolbox"><font color="dark">The description for this alert is contributed by the GHDB community, it may contain inappropriate language.</font></div><br/><font color="navy">Category : Files containing juicy info</font><br/><br/>Through Web.config an IIS administrator can specify settings such as custom 404 error pages, authentication and authorization settings for the Web site. 

In the worst case this file can hold a plaintext password; at minimum it may reveal the full path information on a 404 error. Note that the request recorded in Technical Details returned 403 Forbidden, so the file contents were not served here; this finding only records that the path matched the GHDB signature and should be confirmed manually.<br/><br/>The Google Hacking Database (GHDB) appears courtesy of the Google Hacking community.]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[Not available. Check description.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[GET /web.config HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://testaspnet.vulnweb.com/Default.aspx
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect-Queries: aspectalerts
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

]]></Request>
        <Response><![CDATA[HTTP/1.1 403 Forbidden
Date: Thu, 14 Nov 2013 14:26:40 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 2332
]]></Response>
       </TechnicalDetails>
       <References>
        <Reference>
          <Database><![CDATA[The Google Hacking Database (GHDB) community]]></Database>
          <URL><![CDATA[http://johnny.ihackstuff.com/]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[Acunetix Google hacking]]></Database>
          <URL><![CDATA[http://www.acunetix.com/websitesecurity/google-hacking.htm]]></URL>
        </Reference>
       </References>
      </ReportItem>

      <ReportItem id="21" color="blue">
       <Name><![CDATA[OPTIONS method is enabled]]></Name>
       <ModuleName><![CDATA[Scripting (Options_Server_Method.script)]]></ModuleName>
       <Details><![CDATA[Methods allowed: <font color="dark"><b>OPTIONS, TRACE, GET, HEAD</b></font>]]></Details>
       <Affects><![CDATA[Web Server]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[low]]></Severity>
       <Type><![CDATA[Validation]]></Type>
       <Impact><![CDATA[The OPTIONS method may expose information that helps a malicious user prepare more advanced attacks. In this case the Allow and Public headers in the response also list TRACE, which is the more significant point: an enabled TRACE verb is the precondition for cross-site tracing (XST), covered by the OWASP reference below.]]></Impact>
       <Description><![CDATA[HTTP OPTIONS method is enabled on this web server. The OPTIONS method provides a list of the methods that are supported by the web server, it represents a request for information about the communication options available on the request/response chain identified by the Request-URI. ]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[It's recommended to disable the OPTIONS method on the web server and to restrict the server to the verbs the application actually uses. In particular, the TRACE verb listed in the Allow/Public headers of the recorded response should be disabled (cross-site tracing). Re-run the OPTIONS request afterwards to confirm that TRACE no longer appears.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[OPTIONS / HTTP/1.1
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Allow: OPTIONS, TRACE, GET, HEAD
Content-Length: 0
Server: Microsoft-IIS/6.0
Public: OPTIONS, TRACE, GET, HEAD, POST
X-Powered-By: ASP.NET
Date: Thu, 14 Nov 2013 14:26:40 GMT
]]></Response>
       </TechnicalDetails>
       <References>
        <Reference>
          <Database><![CDATA[Testing for HTTP Methods and XST (OWASP-CM-008)]]></Database>
          <URL><![CDATA[https://www.owasp.org/index.php/Testing_for_HTTP_Methods_and_XST_(OWASP-CM-008)]]></URL>
        </Reference>
       </References>
      </ReportItem>

      <ReportItem id="22" color="green">
       <Name><![CDATA[GHDB: Typical login page]]></Name>
       <ModuleName><![CDATA[GHDB]]></ModuleName>
       <Details><![CDATA[We found <pre wrap="virtual"><font color="blue">inurl:login.asp</font></pre>]]></Details>
       <Affects><![CDATA[/login.aspx (534f1aa002ea6e0e6ca3cd0a64bb17bd)]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[info]]></Severity>
       <Type><![CDATA[Informational]]></Type>
       <Impact><![CDATA[Not available. Check description.]]></Impact>
       <Description><![CDATA[ <div class="coolbox"><font color="dark">The description for this alert is contributed by the GHDB community, it may contain inappropriate language.</font></div><br/><font color="navy">Category : Pages containing login portals</font><br/><br/>This is a typical login page. It has recently become a target for SQL injection. Comsec's article at http://www.governmentsecurity.org/articles/SQLinjectionBasicTutorial.php brought this to my attention. Note also that the recorded request submits the credentials (tbUsername/tbPassword) to http://testaspnet.vulnweb.com/login.aspx over plain HTTP; without TLS a login portal exposes credentials to anyone on the network path, independent of the SQL injection concern above.<br/><br/>The Google Hacking Database (GHDB) appears courtesy of the Google Hacking community.]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[Not available. Check description.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[POST /login.aspx HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://testaspnet.vulnweb.com/login.aspx
Content-Length: 1142
Content-Type: application/x-www-form-urlencoded
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect-Queries: aspectalerts
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

btnLogin=Login&amp;tbPassword=g00dPa%24%24w0rD&amp;tbUsername=fyjmttcx&amp;__EVENTARGUMENT=&amp;__EVENTTARGET=&amp;__EVENTVALIDATION=/wEWWwLeys6NCALStq24BwK3jsrkBALtuvfLDQKC3IeGDAKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMvX3f25exzUvBo2CmzE01Tn1QOss%3d&amp;__VIEWSTATE=/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W%2bw%2b8Zj9n0mGriLs0UbfzYNdg%3d%3d]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:26:41 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12328
]]></Response>
       </TechnicalDetails>
       <References>
        <Reference>
          <Database><![CDATA[The Google Hacking Database (GHDB) community]]></Database>
          <URL><![CDATA[http://johnny.ihackstuff.com/]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[Acunetix Google hacking]]></Database>
          <URL><![CDATA[http://www.acunetix.com/websitesecurity/google-hacking.htm]]></URL>
        </Reference>
       </References>
      </ReportItem>

      <ReportItem id="23" color="orange">
       <Name><![CDATA[Unencrypted __VIEWSTATE parameter]]></Name>
       <ModuleName><![CDATA[Crawler]]></ModuleName>
       <Details><![CDATA[form name: <font color="dark">&quot;Form1&quot;</font><br/>form action: <font color="dark">&quot;readnews.aspx?id=3&amp;NewsAd=ads%2fdef.html&quot;</font><br/>VIEWSTATE: <font color="dark">&quot;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&quot;</font><br/>VIEWSTATE decoded: <font color="dark">&quot;#####
-352232569#d#####d#####d#########href#
login.aspx#	innerhtml##logind#######d##Visiblehd########Iposted by &lt;strong&gt;admin                    &lt;/strong&gt;11/8/2005 11:37:35 AMd########1Acunetix Web Vulnerability Scanner beta released!d#########
&lt;p&gt;During the beta phase, builds are released frequently,                            therefore it is not recommended that the same beta version                            is used for more than 30 days. To beta-test beyond 30                            days, users sho&quot;</font><br/>]]></Details>
       <Affects><![CDATA[/readnews.aspx (e4657a51a6805d9d37502f831ddc19c6)]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[medium]]></Severity>
       <Type><![CDATA[Informational]]></Type>
       <Impact><![CDATA[Possible sensitive information disclosure.]]></Impact>
       <Description><![CDATA[The __VIEWSTATE parameter is not encrypted: it is only base64-encoded, so anyone who can read the page (or intercept it, since this site is served over plain HTTP) can decode the values stored in it, as the decoded sample in Details shows. If ViewState holds anything sensitive it should be encrypted. On ASP.NET 1.x this is done by setting the machineKey validation type to 3DES, which instructs ASP.NET to encrypt the ViewState value using the Triple DES symmetric encryption algorithm; on ASP.NET 2.0 and later (this server reports X-AspNet-Version: 2.0.50727) the intended setting is viewStateEncryptionMode="Always" on the <pages> element. Encryption does not replace the ViewState MAC: keep enableViewStateMac="true" so that tampered ViewState is rejected, and prefer not to store sensitive data in ViewState at all.]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[Open <font color="dark"><b>Web.Config</b></font> and add the following under the <font color="dark"><b>&lt;system.web&gt;</b></font> element (ASP.NET 2.0 and later): <br/><pre wrap="virtual">&lt;pages viewStateEncryptionMode=&quot;Always&quot; enableViewStateMac=&quot;true&quot;/&gt; </pre>On ASP.NET 1.x the equivalent is <pre wrap="virtual">&lt;machineKey validation=&quot;3DES&quot;/&gt; </pre>Better still, avoid placing sensitive data in ViewState in the first place.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[POST /readnews.aspx?id=3&amp;NewsAd=ads/def.html HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://testaspnet.vulnweb.com/readnews.aspx
Content-Length: 10791
Content-Type: application/x-www-form-urlencoded
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect-Queries: aspectalerts
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

__EVENTARGUMENT=&amp;__EVENTTARGET=&amp;__EVENTVALIDATION=/wEWVwKO/ffgDgKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMTuBuYk15KvnzAGnqqPk6tDbzR0Y%3d&amp;__VIEWSTATE=/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2bYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWuNzxwPjxzdHJvbmc%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%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2bPGJyIC8%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%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%2bRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2bPGJyIC8%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%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%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%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgI
CAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc%2bPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2bP
GxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2bIDwvdWw%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc%2bPGJyIC8%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%2bPGJyIC8%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%2bIGQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkNCSZh%2buMoCTcXGDfVu5D5CfxA7Y%3d]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:26:41 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 16884
]]></Response>
       </TechnicalDetails>
      <References></References>
      </ReportItem>

      <ReportItem id="24" color="orange">
       <Name><![CDATA[Unencrypted __VIEWSTATE parameter]]></Name>
       <ModuleName><![CDATA[Crawler]]></ModuleName>
       <Details><![CDATA[form name: <font color="dark">&quot;Form1&quot;</font><br/>form action: <font color="dark">&quot;readnews.aspx?id=3&quot;</font><br/>VIEWSTATE: <font color="dark">&quot;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&quot;</font><br/>VIEWSTATE decoded: <font color="dark">&quot;#####
-352232569#d#####d#####d#########href#
login.aspx#	innerhtml##logind#######d##Visiblehd########Iposted by &lt;strong&gt;admin                    &lt;/strong&gt;11/8/2005 11:37:35 AMd########1Acunetix Web Vulnerability Scanner beta released!d#########
&lt;p&gt;During the beta phase, builds are released frequently,                            therefore it is not recommended that the same beta version                            is used for more than 30 days. To beta-test beyond 30                            days, users sho&quot;</font><br/>]]></Details>
       <Affects><![CDATA[/readnews.aspx (2ae3ef37ff42a40617d25a9c1c42559d)]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[medium]]></Severity>
       <Type><![CDATA[Informational]]></Type>
       <Impact><![CDATA[Possible sensitive information disclosure.]]></Impact>
       <Description><![CDATA[The __VIEWSTATE parameter is not encrypted: it is only base64-encoded, so anyone who can read the page (or intercept it, since this site is served over plain HTTP) can decode the values stored in it, as the decoded sample in Details shows. If ViewState holds anything sensitive it should be encrypted. On ASP.NET 1.x this is done by setting the machineKey validation type to 3DES, which instructs ASP.NET to encrypt the ViewState value using the Triple DES symmetric encryption algorithm; on ASP.NET 2.0 and later (this server reports X-AspNet-Version: 2.0.50727) the intended setting is viewStateEncryptionMode="Always" on the <pages> element. Encryption does not replace the ViewState MAC: keep enableViewStateMac="true" so that tampered ViewState is rejected, and prefer not to store sensitive data in ViewState at all.]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[Open <font color="dark"><b>Web.Config</b></font> and add the following under the <font color="dark"><b>&lt;system.web&gt;</b></font> element (ASP.NET 2.0 and later): <br/><pre wrap="virtual">&lt;pages viewStateEncryptionMode=&quot;Always&quot; enableViewStateMac=&quot;true&quot;/&gt; </pre>On ASP.NET 1.x the equivalent is <pre wrap="virtual">&lt;machineKey validation=&quot;3DES&quot;/&gt; </pre>Better still, avoid placing sensitive data in ViewState in the first place.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[GET /readnews.aspx?id=3 HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://testaspnet.vulnweb.com/comments.aspx
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect-Queries: aspectalerts
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:26:42 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 16787
]]></Response>
       </TechnicalDetails>
      <References></References>
      </ReportItem>

      <ReportItem id="25" color="green">
       <Name><![CDATA[Error page web server version disclosure]]></Name>
       <ModuleName><![CDATA[Scripting (Error_Page_Path_Disclosure.script)]]></ModuleName>
       <Details><![CDATA[Information disclosure pattern found: <font color="dark">Microsoft .NET Framework Version:2.0.50727.3053; ASP.NET Version:2.0.50727.3053</font>]]></Details>
       <Affects><![CDATA[Web Server]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[info]]></Severity>
       <Type><![CDATA[Configuration]]></Type>
       <Impact><![CDATA[Possible sensitive information disclosure.]]></Impact>
        <Description><![CDATA[By requesting a page that does not exist (GET /R9bwZuGkQ0.aspx, answered with 404), the default ASP.NET error page was returned. The pattern matched here is the exact .NET Framework and ASP.NET build string (2.0.50727.3053, see Details); depending on configuration such pages may also list enabled modules. The response headers Server: Microsoft-IIS/6.0 and X-AspNet-Version: 2.0.50727 repeat this version information on every response, not only on error pages. Precise build numbers let an attacker select framework-specific attacks and known vulnerabilities without further probing.]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
        <Recommendation><![CDATA[This target is IIS 6.0 running ASP.NET, so the Apache instructions in the References do not apply. Enable custom errors in <font color="dark"><b>Web.Config</b></font> so the framework build string is never rendered: <br/><pre wrap="virtual">&lt;customErrors mode=&quot;On&quot; defaultRedirect=&quot;~/error.aspx&quot; /&gt;</pre> and suppress the version header with <br/><pre wrap="virtual">&lt;httpRuntime enableVersionHeader=&quot;false&quot; /&gt;</pre> A custom 404 page can also be assigned in IIS Manager. The Server and X-Powered-By headers are added by IIS itself and must be removed at the IIS level. If you are using Apache, follow the custom-error instructions in the References section instead.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[GET /R9bwZuGkQ0.aspx HTTP/1.1
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

]]></Request>
        <Response><![CDATA[HTTP/1.1 404 Not Found
Date: Thu, 14 Nov 2013 14:26:42 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 3347
]]></Response>
       </TechnicalDetails>
       <References>
        <Reference>
          <Database><![CDATA[Custom error responses]]></Database>
          <URL><![CDATA[http://httpd.apache.org/docs/1.3/custom-error.html]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[Creating Custom Error Pages on Apache Servers]]></Database>
          <URL><![CDATA[http://www.webreference.com/programming/apache_errors/]]></URL>
        </Reference>
       </References>
      </ReportItem>

      <ReportItem id="26" color="green">
       <Name><![CDATA[GHDB: Typical login page]]></Name>
       <ModuleName><![CDATA[GHDB]]></ModuleName>
       <Details><![CDATA[We found <pre wrap="virtual"><font color="blue">inurl:login.asp</font></pre>]]></Details>
       <Affects><![CDATA[/login.aspx (79ea5a36a5cedd4ac82ab5b64fe8ad28)]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[info]]></Severity>
       <Type><![CDATA[Informational]]></Type>
       <Impact><![CDATA[Not available. Check description.]]></Impact>
        <Description><![CDATA[ <div class="coolbox"><font color="dark">The description for this alert is contributed by the GHDB community, it may contain inappropriate language.</font></div><br/><font color="navy">Category : Pages containing login portals</font><br/><br/>This is a typical login page. It has recently become a target for SQL injection. Comsec's article at http://www.governmentsecurity.org/articles/SQLinjectionBasicTutorial.php brought this to my attention.<br/><br/>Note: this alert is a match of the crawled URL (/login.aspx) against the GHDB search pattern inurl:login.asp. It records that a login form exists and is easily discoverable; it does not by itself indicate that the page is vulnerable. SQL injection and authentication weaknesses on /login.aspx are reported as separate alerts if the scanner finds them.<br/><br/>The Google Hacking Database (GHDB) appears courtesy of the Google Hacking community.]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[Not available. Check description.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[POST /login.aspx HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://testaspnet.vulnweb.com/login.aspx
Content-Length: 1161
Content-Type: application/x-www-form-urlencoded
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect-Queries: aspectalerts
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

btnLogin=Login&amp;cbPersistCookie=on&amp;tbPassword=g00dPa%24%24w0rD&amp;tbUsername=ljmrwpfo&amp;__EVENTARGUMENT=&amp;__EVENTTARGET=&amp;__EVENTVALIDATION=/wEWWwLeys6NCALStq24BwK3jsrkBALtuvfLDQKC3IeGDAKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMvX3f25exzUvBo2CmzE01Tn1QOss%3d&amp;__VIEWSTATE=/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W%2bw%2b8Zj9n0mGriLs0UbfzYNdg%3d%3d]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:26:42 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12346
]]></Response>
       </TechnicalDetails>
       <References>
        <Reference>
          <Database><![CDATA[The Google Hacking Database (GHDB) community]]></Database>
          <URL><![CDATA[http://johnny.ihackstuff.com/]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[Acunetix Google hacking]]></Database>
          <URL><![CDATA[http://www.acunetix.com/websitesecurity/google-hacking.htm]]></URL>
        </Reference>
       </References>
      </ReportItem>

      <ReportItem id="27" color="green">
       <Name><![CDATA[Password type input with auto-complete enabled]]></Name>
       <ModuleName><![CDATA[Crawler]]></ModuleName>
       <Details><![CDATA[Password type input named <b><font color="dark">tbPassword</font></b> from form named <b>frmLogin</b> with action <b>login.aspx?ReturnUrl=%2flogout.aspx</b> has autocomplete enabled.]]></Details>
       <Affects><![CDATA[/login.aspx (2cf4e729ea10427a01c01f366190f25a)]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[info]]></Severity>
       <Type><![CDATA[Informational]]></Type>
       <Impact><![CDATA[Possible sensitive information disclosure]]></Impact>
        <Description><![CDATA[When a new name and password is entered in a form and the form is submitted, the browser asks if the password should be saved. Thereafter when the form is displayed, the name and password are filled in automatically or are completed as the name is entered. An attacker with local access to the user's machine or profile could obtain the cleartext password from the browser's saved-password store (not the HTTP cache). Note that current browsers deliberately ignore autocomplete="off" on password fields so that password managers keep working; the attribute is therefore a defence-in-depth measure with limited effect, and this finding is informational.]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
        <Recommendation><![CDATA[The password auto-complete should be disabled in sensitive applications. <br/>To disable auto-complete, you may use a code similar to: <pre wrap="virtual"><code>&lt;INPUT TYPE=&quot;password&quot; AUTOCOMPLETE=&quot;off&quot;&gt;</code></pre> Modern browsers ignore this attribute on password inputs, so do not rely on it as the control against shared-machine exposure; short session lifetimes, re-authentication before sensitive actions and serving the login form only over HTTPS are the stronger controls.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[GET /login.aspx?ReturnUrl=/logout.aspx HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://testaspnet.vulnweb.com/logout.aspx
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect-Queries: aspectalerts
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:26:42 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12354
]]></Response>
       </TechnicalDetails>
      <References></References>
      </ReportItem>

      <ReportItem id="28" color="orange">
       <Name><![CDATA[Unencrypted __VIEWSTATE parameter]]></Name>
       <ModuleName><![CDATA[Crawler]]></ModuleName>
       <Details><![CDATA[form name: <font color="dark">&quot;frmLogin&quot;</font><br/>form action: <font color="dark">&quot;login.aspx?ReturnUrl=%2flogout.aspx&quot;</font><br/>VIEWSTATE: <font color="dark">&quot;/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W+w+8Zj9n0mGriLs0UbfzYNdg==&quot;</font><br/>VIEWSTATE decoded: <font color="dark">&quot;#####
-223969811#d#####d#####d#########href#
login.aspx#	innerhtml##logind#######d##Visiblehd####__ControlsRequirePostBackKey__####cbPersistCookie##o###c#}&amp;####E#6
v&quot;</font><br/>]]></Details>
       <Affects><![CDATA[/login.aspx (2cf4e729ea10427a01c01f366190f25a)]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[medium]]></Severity>
       <Type><![CDATA[Informational]]></Type>
       <Impact><![CDATA[Possible sensitive information disclosure.]]></Impact>
        <Description><![CDATA[The __VIEWSTATE parameter is not encrypted: it is only base64-encoded, so anyone who can read the page or the request can decode it (see the decoded value under Details). Encryption addresses disclosure only; it does not protect against tampering, which depends on the ViewState MAC (enableViewStateMac) staying enabled. Before rating the impact, inspect the decoded value for data that is not already rendered to the client (internal identifiers, paths, user data); ViewState that merely repeats visible page content is a low-impact disclosure. Setting the machineKey validation type to 3DES is a legacy ASP.NET 1.x setting that is honoured for backward compatibility; on ASP.NET 2.0 and later (this target reports X-AspNet-Version 2.0.50727) the supported control is viewStateEncryptionMode="Always" on the pages element, with AES selected as the decryption algorithm. 3DES is a deprecated cipher and should not be introduced into new configuration.]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
        <Recommendation><![CDATA[Open <font color="dark"><b>Web.Config</b></font> and, under the <font color="dark"><b>&lt;system.web&gt;</b></font> element, enable ViewState encryption while keeping MAC validation on: <br/><pre wrap="virtual">&lt;pages viewStateEncryptionMode=&quot;Always&quot; enableViewStateMac=&quot;true&quot; /&gt;
&lt;machineKey validation=&quot;SHA1&quot; decryption=&quot;AES&quot; /&gt;</pre> Only on ASP.NET 1.x is <pre wrap="virtual">&lt;machineKey validation=&quot;3DES&quot;/&gt;</pre> the equivalent setting. If the application is served by more than one server, set validationKey and decryptionKey explicitly and identically on every server; auto-generated keys cause ViewState validation failures across a web farm.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[GET /login.aspx?ReturnUrl=/logout.aspx HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://testaspnet.vulnweb.com/logout.aspx
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect-Queries: aspectalerts
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:26:42 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12354
]]></Response>
       </TechnicalDetails>
      <References></References>
      </ReportItem>

      <ReportItem id="29" color="green">
       <Name><![CDATA[GHDB: Typical login page]]></Name>
       <ModuleName><![CDATA[GHDB]]></ModuleName>
       <Details><![CDATA[We found <pre wrap="virtual"><font color="blue">inurl:login.asp</font></pre>]]></Details>
       <Affects><![CDATA[/login.aspx (2cf4e729ea10427a01c01f366190f25a)]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[info]]></Severity>
       <Type><![CDATA[Informational]]></Type>
       <Impact><![CDATA[Not available. Check description.]]></Impact>
        <Description><![CDATA[ <div class="coolbox"><font color="dark">The description for this alert is contributed by the GHDB community, it may contain inappropriate language.</font></div><br/><font color="navy">Category : Pages containing login portals</font><br/><br/>This is a typical login page. It has recently become a target for SQL injection. Comsec's article at http://www.governmentsecurity.org/articles/SQLinjectionBasicTutorial.php brought this to my attention.<br/><br/>Note: this alert is a match of the crawled URL (/login.aspx) against the GHDB search pattern inurl:login.asp. It records that a login form exists and is easily discoverable; it does not by itself indicate that the page is vulnerable. SQL injection and authentication weaknesses on /login.aspx are reported as separate alerts if the scanner finds them.<br/><br/>The Google Hacking Database (GHDB) appears courtesy of the Google Hacking community.]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[Not available. Check description.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[GET /login.aspx?ReturnUrl=/logout.aspx HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://testaspnet.vulnweb.com/logout.aspx
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect-Queries: aspectalerts
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:26:42 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12354
]]></Response>
       </TechnicalDetails>
       <References>
        <Reference>
          <Database><![CDATA[The Google Hacking Database (GHDB) community]]></Database>
          <URL><![CDATA[http://johnny.ihackstuff.com/]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[Acunetix Google hacking]]></Database>
          <URL><![CDATA[http://www.acunetix.com/websitesecurity/google-hacking.htm]]></URL>
        </Reference>
       </References>
      </ReportItem>

      <ReportItem id="30" color="green">
       <Name><![CDATA[Password type input with auto-complete enabled]]></Name>
       <ModuleName><![CDATA[Crawler]]></ModuleName>
       <Details><![CDATA[Password type input named <b><font color="dark">tbPassword</font></b> from form named <b>frmLogin</b> with action <b>login.aspx?ReturnUrl=%2fpostnews.aspx</b> has autocomplete enabled.]]></Details>
       <Affects><![CDATA[/login.aspx (7dd31244ca65de83cf0faf8d8fc754b2)]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[info]]></Severity>
       <Type><![CDATA[Informational]]></Type>
       <Impact><![CDATA[Possible sensitive information disclosure]]></Impact>
        <Description><![CDATA[When a new name and password is entered in a form and the form is submitted, the browser asks if the password should be saved. Thereafter when the form is displayed, the name and password are filled in automatically or are completed as the name is entered. An attacker with local access to the user's machine or profile could obtain the cleartext password from the browser's saved-password store (not the HTTP cache). Note that current browsers deliberately ignore autocomplete="off" on password fields so that password managers keep working; the attribute is therefore a defence-in-depth measure with limited effect, and this finding is informational.]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
        <Recommendation><![CDATA[The password auto-complete should be disabled in sensitive applications. <br/>To disable auto-complete, you may use a code similar to: <pre wrap="virtual"><code>&lt;INPUT TYPE=&quot;password&quot; AUTOCOMPLETE=&quot;off&quot;&gt;</code></pre> Modern browsers ignore this attribute on password inputs, so do not rely on it as the control against shared-machine exposure; short session lifetimes, re-authentication before sensitive actions and serving the login form only over HTTPS are the stronger controls.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[GET /login.aspx?ReturnUrl=/postnews.aspx HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://testaspnet.vulnweb.com/postnews.aspx
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect-Queries: aspectalerts
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:26:42 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12356
]]></Response>
       </TechnicalDetails>
      <References></References>
      </ReportItem>

      <ReportItem id="31" color="orange">
       <Name><![CDATA[Unencrypted __VIEWSTATE parameter]]></Name>
       <ModuleName><![CDATA[Crawler]]></ModuleName>
       <Details><![CDATA[form name: <font color="dark">&quot;frmLogin&quot;</font><br/>form action: <font color="dark">&quot;login.aspx?ReturnUrl=%2fpostnews.aspx&quot;</font><br/>VIEWSTATE: <font color="dark">&quot;/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W+w+8Zj9n0mGriLs0UbfzYNdg==&quot;</font><br/>VIEWSTATE decoded: <font color="dark">&quot;#####
-223969811#d#####d#####d#########href#
login.aspx#	innerhtml##logind#######d##Visiblehd####__ControlsRequirePostBackKey__####cbPersistCookie##o###c#}&amp;####E#6
v&quot;</font><br/>]]></Details>
       <Affects><![CDATA[/login.aspx (7dd31244ca65de83cf0faf8d8fc754b2)]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[medium]]></Severity>
       <Type><![CDATA[Informational]]></Type>
       <Impact><![CDATA[Possible sensitive information disclosure.]]></Impact>
        <Description><![CDATA[The __VIEWSTATE parameter is not encrypted: it is only base64-encoded, so anyone who can read the page or the request can decode it (see the decoded value under Details). Encryption addresses disclosure only; it does not protect against tampering, which depends on the ViewState MAC (enableViewStateMac) staying enabled. Before rating the impact, inspect the decoded value for data that is not already rendered to the client (internal identifiers, paths, user data); ViewState that merely repeats visible page content is a low-impact disclosure. Setting the machineKey validation type to 3DES is a legacy ASP.NET 1.x setting that is honoured for backward compatibility; on ASP.NET 2.0 and later (this target reports X-AspNet-Version 2.0.50727) the supported control is viewStateEncryptionMode="Always" on the pages element, with AES selected as the decryption algorithm. 3DES is a deprecated cipher and should not be introduced into new configuration.]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
        <Recommendation><![CDATA[Open <font color="dark"><b>Web.Config</b></font> and, under the <font color="dark"><b>&lt;system.web&gt;</b></font> element, enable ViewState encryption while keeping MAC validation on: <br/><pre wrap="virtual">&lt;pages viewStateEncryptionMode=&quot;Always&quot; enableViewStateMac=&quot;true&quot; /&gt;
&lt;machineKey validation=&quot;SHA1&quot; decryption=&quot;AES&quot; /&gt;</pre> Only on ASP.NET 1.x is <pre wrap="virtual">&lt;machineKey validation=&quot;3DES&quot;/&gt;</pre> the equivalent setting. If the application is served by more than one server, set validationKey and decryptionKey explicitly and identically on every server; auto-generated keys cause ViewState validation failures across a web farm.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[GET /login.aspx?ReturnUrl=/postnews.aspx HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://testaspnet.vulnweb.com/postnews.aspx
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect-Queries: aspectalerts
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:26:42 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12356
]]></Response>
       </TechnicalDetails>
      <References></References>
      </ReportItem>

      <ReportItem id="32" color="green">
       <Name><![CDATA[GHDB: Typical login page]]></Name>
       <ModuleName><![CDATA[GHDB]]></ModuleName>
       <Details><![CDATA[We found <pre wrap="virtual"><font color="blue">inurl:login.asp</font></pre>]]></Details>
       <Affects><![CDATA[/login.aspx (7dd31244ca65de83cf0faf8d8fc754b2)]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[info]]></Severity>
       <Type><![CDATA[Informational]]></Type>
       <Impact><![CDATA[Not available. Check description.]]></Impact>
        <Description><![CDATA[ <div class="coolbox"><font color="dark">The description for this alert is contributed by the GHDB community, it may contain inappropriate language.</font></div><br/><font color="navy">Category : Pages containing login portals</font><br/><br/>This is a typical login page. It has recently become a target for SQL injection. Comsec's article at http://www.governmentsecurity.org/articles/SQLinjectionBasicTutorial.php brought this to my attention.<br/><br/>Note: this alert is a match of the crawled URL (/login.aspx) against the GHDB search pattern inurl:login.asp. It records that a login form exists and is easily discoverable; it does not by itself indicate that the page is vulnerable. SQL injection and authentication weaknesses on /login.aspx are reported as separate alerts if the scanner finds them.<br/><br/>The Google Hacking Database (GHDB) appears courtesy of the Google Hacking community.]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[Not available. Check description.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[GET /login.aspx?ReturnUrl=/postnews.aspx HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://testaspnet.vulnweb.com/postnews.aspx
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect-Queries: aspectalerts
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:26:42 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12356
]]></Response>
       </TechnicalDetails>
       <References>
        <Reference>
          <Database><![CDATA[The Google Hacking Database (GHDB) community]]></Database>
          <URL><![CDATA[http://johnny.ihackstuff.com/]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[Acunetix Google hacking]]></Database>
          <URL><![CDATA[http://www.acunetix.com/websitesecurity/google-hacking.htm]]></URL>
        </Reference>
       </References>
      </ReportItem>

      <ReportItem id="33" color="orange">
       <Name><![CDATA[Unencrypted __VIEWSTATE parameter]]></Name>
       <ModuleName><![CDATA[Crawler]]></ModuleName>
       <Details><![CDATA[form name: <font color="dark">&quot;Form1&quot;</font><br/>form action: <font color="dark">&quot;readnews.aspx?id=2&quot;</font><br/>VIEWSTATE: <font color="dark">&quot;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&quot;</font><br/>VIEWSTATE decoded: <font color="dark">&quot;#####
-352232569#d#####d#####d#########href#
login.aspx#	innerhtml##logind#######d##Visiblehd########Iposted by &lt;strong&gt;admin                    &lt;/strong&gt;11/8/2005 11:35:22 AMd########&lt;Web attacks - can your web applications withstand the force?d#########7&lt;p&gt;&lt;strong&gt;Acunetix combats rise in web attacks with Acunetix                            Web Vulnerability Scanner 2 &lt;/strong&gt;&lt;/p&gt;                           &lt;p&gt;21 July 2005 - &lt;strong&gt;Start-up company Acunetix released                            Acunetix We&quot;</font><br/>]]></Details>
       <Affects><![CDATA[/readnews.aspx (93588f630275abc47ac25455f074741b)]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[medium]]></Severity>
       <Type><![CDATA[Informational]]></Type>
       <Impact><![CDATA[Possible sensitive information disclosure.]]></Impact>
        <Description><![CDATA[The __VIEWSTATE parameter is not encrypted: it is only base64-encoded, so anyone who can read the page or the request can decode it (see the decoded value under Details). Encryption addresses disclosure only; it does not protect against tampering, which depends on the ViewState MAC (enableViewStateMac) staying enabled. Before rating the impact, inspect the decoded value for data that is not already rendered to the client (internal identifiers, paths, user data); ViewState that merely repeats visible page content, as the article body shown here does, is a low-impact disclosure. Setting the machineKey validation type to 3DES is a legacy ASP.NET 1.x setting that is honoured for backward compatibility; on ASP.NET 2.0 and later (this target reports X-AspNet-Version 2.0.50727) the supported control is viewStateEncryptionMode="Always" on the pages element, with AES selected as the decryption algorithm. 3DES is a deprecated cipher and should not be introduced into new configuration.]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
        <Recommendation><![CDATA[Open <font color="dark"><b>Web.Config</b></font> and, under the <font color="dark"><b>&lt;system.web&gt;</b></font> element, enable ViewState encryption while keeping MAC validation on: <br/><pre wrap="virtual">&lt;pages viewStateEncryptionMode=&quot;Always&quot; enableViewStateMac=&quot;true&quot; /&gt;
&lt;machineKey validation=&quot;SHA1&quot; decryption=&quot;AES&quot; /&gt;</pre> Only on ASP.NET 1.x is <pre wrap="virtual">&lt;machineKey validation=&quot;3DES&quot;/&gt;</pre> the equivalent setting. If the application is served by more than one server, set validationKey and decryptionKey explicitly and identically on every server; auto-generated keys cause ViewState validation failures across a web farm.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[POST /readnews.aspx?id=2 HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://testaspnet.vulnweb.com/readnews.aspx
Content-Length: 10779
Content-Type: application/x-www-form-urlencoded
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect-Queries: aspectalerts
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

__EVENTARGUMENT=&amp;__EVENTTARGET=&amp;__EVENTVALIDATION=/wEWVwK0ovnWBgKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IM%2blktliK1xNDntOrRvIod2XbGitg%3d&amp;__VIEWSTATE=/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2bYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWuNzxwPjxzdHJvbmc%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%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICA
gICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%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%2bRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2bPGJyIC8%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%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%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%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%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%2bPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2bPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2bIDwvdWw%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3Z
WIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc%2bPGJyIC8%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%2bPGJyIC8%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%2bIGQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmNkZGS78tg0yYdYIrm%2b7bJhr2ToTj/BEA%3d%3d]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:26:43 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 29235
]]></Response>
       </TechnicalDetails>
      <References></References>
      </ReportItem>

      <ReportItem id="34" color="green">
       <Name><![CDATA[GHDB: Typical login page]]></Name>
       <ModuleName><![CDATA[GHDB]]></ModuleName>
       <Details><![CDATA[We found <pre wrap="virtual"><font color="blue">inurl:login.asp</font></pre>]]></Details>
       <Affects><![CDATA[/login.aspx (2be6e0f4b01a065da1815689302d0b54)]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[info]]></Severity>
       <Type><![CDATA[Informational]]></Type>
       <Impact><![CDATA[Not available. Check description.]]></Impact>
       <Description><![CDATA[ <div class="coolbox"><font color="dark">The description for this alert is contributed by the GHDB community, it may contain inappropriate language.</font></div><br/><font color="navy">Category : Pages containing login portals</font><br/><br/>This is a typical login page. It has recently become a target for SQL injection. Comsec's article at http://www.governmentsecurity.org/articles/SQLinjectionBasicTutorial.php brought this to my attention.<br/><br/>The Google Hacking Database (GHDB) appears courtesy of the Google Hacking community.]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[Not available. Check description.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[POST /login.aspx?ReturnUrl=/logout.aspx HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://testaspnet.vulnweb.com/login.aspx
Content-Length: 1161
Content-Type: application/x-www-form-urlencoded
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect-Queries: aspectalerts
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

btnLogin=Login&amp;cbPersistCookie=on&amp;tbPassword=g00dPa%24%24w0rD&amp;tbUsername=riqcjwfs&amp;__EVENTARGUMENT=&amp;__EVENTTARGET=&amp;__EVENTVALIDATION=/wEWWwLeys6NCALStq24BwK3jsrkBALtuvfLDQKC3IeGDAKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMvX3f25exzUvBo2CmzE01Tn1QOss%3d&amp;__VIEWSTATE=/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W%2bw%2b8Zj9n0mGriLs0UbfzYNdg%3d%3d]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:26:44 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12371
]]></Response>
       </TechnicalDetails>
       <References>
        <Reference>
          <Database><![CDATA[The Google Hacking Database (GHDB) community]]></Database>
          <URL><![CDATA[http://johnny.ihackstuff.com/]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[Acunetix Google hacking]]></Database>
          <URL><![CDATA[http://www.acunetix.com/websitesecurity/google-hacking.htm]]></URL>
        </Reference>
       </References>
      </ReportItem>

      <ReportItem id="35" color="green">
       <Name><![CDATA[GHDB: Typical login page]]></Name>
       <ModuleName><![CDATA[GHDB]]></ModuleName>
       <Details><![CDATA[We found <pre wrap="virtual"><font color="blue">inurl:login.asp</font></pre>]]></Details>
       <Affects><![CDATA[/login.aspx (81f0efe3f5d1c23f8cdff40bfe50b960)]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[info]]></Severity>
       <Type><![CDATA[Informational]]></Type>
       <Impact><![CDATA[Not available. Check description.]]></Impact>
       <Description><![CDATA[ <div class="coolbox"><font color="dark">The description for this alert is contributed by the GHDB community, it may contain inappropriate language.</font></div><br/><font color="navy">Category : Pages containing login portals</font><br/><br/>This is a typical login page. It has recently become a target for SQL injection. Comsec's article at http://www.governmentsecurity.org/articles/SQLinjectionBasicTutorial.php brought this to my attention.<br/><br/>The Google Hacking Database (GHDB) appears courtesy of the Google Hacking community.]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[Not available. Check description.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[POST /login.aspx?ReturnUrl=/logout.aspx HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://testaspnet.vulnweb.com/login.aspx
Content-Length: 1142
Content-Type: application/x-www-form-urlencoded
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect-Queries: aspectalerts
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

btnLogin=Login&amp;tbPassword=g00dPa%24%24w0rD&amp;tbUsername=hjhhosnx&amp;__EVENTARGUMENT=&amp;__EVENTTARGET=&amp;__EVENTVALIDATION=/wEWWwLeys6NCALStq24BwK3jsrkBALtuvfLDQKC3IeGDAKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMvX3f25exzUvBo2CmzE01Tn1QOss%3d&amp;__VIEWSTATE=/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W%2bw%2b8Zj9n0mGriLs0UbfzYNdg%3d%3d]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:26:44 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12353
]]></Response>
       </TechnicalDetails>
       <References>
        <Reference>
          <Database><![CDATA[The Google Hacking Database (GHDB) community]]></Database>
          <URL><![CDATA[http://johnny.ihackstuff.com/]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[Acunetix Google hacking]]></Database>
          <URL><![CDATA[http://www.acunetix.com/websitesecurity/google-hacking.htm]]></URL>
        </Reference>
       </References>
      </ReportItem>

      <ReportItem id="36" color="green">
       <Name><![CDATA[GHDB: Typical login page]]></Name>
       <ModuleName><![CDATA[GHDB]]></ModuleName>
       <Details><![CDATA[We found <pre wrap="virtual"><font color="blue">inurl:login.asp</font></pre>]]></Details>
       <Affects><![CDATA[/login.aspx (56d7c30dbfad941e90adb621920d0432)]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[info]]></Severity>
       <Type><![CDATA[Informational]]></Type>
       <Impact><![CDATA[Not available. Check description.]]></Impact>
       <Description><![CDATA[ <div class="coolbox"><font color="dark">The description for this alert is contributed by the GHDB community, it may contain inappropriate language.</font></div><br/><font color="navy">Category : Pages containing login portals</font><br/><br/>This is a typical login page. It has recently become a target for SQL injection. Comsec's article at http://www.governmentsecurity.org/articles/SQLinjectionBasicTutorial.php brought this to my attention.<br/><br/>The Google Hacking Database (GHDB) appears courtesy of the Google Hacking community.]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[Not available. Check description.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[POST /login.aspx?ReturnUrl=/postnews.aspx HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://testaspnet.vulnweb.com/login.aspx
Content-Length: 1142
Content-Type: application/x-www-form-urlencoded
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect-Queries: aspectalerts
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

btnLogin=Login&amp;tbPassword=g00dPa%24%24w0rD&amp;tbUsername=vpustxlw&amp;__EVENTARGUMENT=&amp;__EVENTTARGET=&amp;__EVENTVALIDATION=/wEWWwLeys6NCALStq24BwK3jsrkBALtuvfLDQKC3IeGDAKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMvX3f25exzUvBo2CmzE01Tn1QOss%3d&amp;__VIEWSTATE=/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W%2bw%2b8Zj9n0mGriLs0UbfzYNdg%3d%3d]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:26:44 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12355
]]></Response>
       </TechnicalDetails>
       <References>
        <Reference>
          <Database><![CDATA[The Google Hacking Database (GHDB) community]]></Database>
          <URL><![CDATA[http://johnny.ihackstuff.com/]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[Acunetix Google hacking]]></Database>
          <URL><![CDATA[http://www.acunetix.com/websitesecurity/google-hacking.htm]]></URL>
        </Reference>
       </References>
      </ReportItem>

      <ReportItem id="37" color="green">
       <Name><![CDATA[GHDB: Typical login page]]></Name>
       <ModuleName><![CDATA[GHDB]]></ModuleName>
       <Details><![CDATA[We found <pre wrap="virtual"><font color="blue">inurl:login.asp</font></pre>]]></Details>
       <Affects><![CDATA[/login.aspx (faf66eb1993c2a83f6af89ad50fbd4fd)]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[info]]></Severity>
       <Type><![CDATA[Informational]]></Type>
       <Impact><![CDATA[Not available. Check description.]]></Impact>
       <Description><![CDATA[ <div class="coolbox"><font color="dark">The description for this alert is contributed by the GHDB community, it may contain inappropriate language.</font></div><br/><font color="navy">Category : Pages containing login portals</font><br/><br/>This is a typical login page. It has recently become a target for SQL injection. Comsec's article at http://www.governmentsecurity.org/articles/SQLinjectionBasicTutorial.php brought this to my attention.<br/><br/>The Google Hacking Database (GHDB) appears courtesy of the Google Hacking community.]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[Not available. Check description.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[POST /login.aspx?ReturnUrl=/postnews.aspx HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://testaspnet.vulnweb.com/login.aspx
Content-Length: 1161
Content-Type: application/x-www-form-urlencoded
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect-Queries: aspectalerts
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

btnLogin=Login&amp;cbPersistCookie=on&amp;tbPassword=g00dPa%24%24w0rD&amp;tbUsername=usighdix&amp;__EVENTARGUMENT=&amp;__EVENTTARGET=&amp;__EVENTVALIDATION=/wEWWwLeys6NCALStq24BwK3jsrkBALtuvfLDQKC3IeGDAKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMvX3f25exzUvBo2CmzE01Tn1QOss%3d&amp;__VIEWSTATE=/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W%2bw%2b8Zj9n0mGriLs0UbfzYNdg%3d%3d]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:26:44 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12373
]]></Response>
       </TechnicalDetails>
       <References>
        <Reference>
          <Database><![CDATA[The Google Hacking Database (GHDB) community]]></Database>
          <URL><![CDATA[http://johnny.ihackstuff.com/]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[Acunetix Google hacking]]></Database>
          <URL><![CDATA[http://www.acunetix.com/websitesecurity/google-hacking.htm]]></URL>
        </Reference>
       </References>
      </ReportItem>

      <ReportItem id="38" color="orange">
       <Name><![CDATA[User credentials are sent in clear text]]></Name>
       <ModuleName><![CDATA[Crawler]]></ModuleName>
       <Details><![CDATA[Form name: <font color="navy">frmLogin</font><br/>Form action: <font color="navy">http://testaspnet.vulnweb.com/login.aspx</font><br/>Form method: <font color="navy">POST</font><br/><br/>Form inputs:<br/><ul><li>__EVENTTARGET [Hidden]</li><li>__EVENTARGUMENT [Hidden]</li><li>__VIEWSTATE [Hidden]</li><li>__EVENTVALIDATION [Hidden]</li><li>tbUsername [Text]</li><li>tbPassword [Password]</li><li>cbPersistCookie [Checkbox]</li><li>btnLogin [Submit]</li></ul>]]></Details>
       <Affects><![CDATA[/login.aspx]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[medium]]></Severity>
       <Type><![CDATA[Informational]]></Type>
       <Impact><![CDATA[A third party may be able to read the user credentials by intercepting an unencrypted HTTP connection.]]></Impact>
       <Description><![CDATA[User credentials are transmitted over an unencrypted channel. This information should always be transferred via an encrypted channel (HTTPS) to avoid being intercepted by malicious users.]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[Because user credentials are sensitive information, they should always be transferred to the server over an encrypted connection (HTTPS). Serve the login page itself over HTTPS as well, not just the form target: the form shown in this finding is loaded from and posts to http://testaspnet.vulnweb.com/login.aspx, so an on-path attacker can rewrite the form action before the credentials are ever submitted. Redirect plain-HTTP requests for these pages to HTTPS so the protection cannot be bypassed by a downgraded link.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[GET /login.aspx HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://testaspnet.vulnweb.com/
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect-Queries: aspectalerts
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:26:35 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12329
]]></Response>
       </TechnicalDetails>
      <References></References>
      </ReportItem>

      <ReportItem id="39" color="green">
       <Name><![CDATA[GHDB: Typical login page]]></Name>
       <ModuleName><![CDATA[GHDB]]></ModuleName>
       <Details><![CDATA[We found <pre wrap="virtual"><font color="blue">inurl:login.asp</font></pre>]]></Details>
       <Affects><![CDATA[/login.aspx (239d6b360bee5200c1daef0c8f58c779)]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[info]]></Severity>
       <Type><![CDATA[Informational]]></Type>
       <Impact><![CDATA[Not available. Check description.]]></Impact>
       <Description><![CDATA[ <div class="coolbox"><font color="dark">The description for this alert is contributed by the GHDB community, it may contain inappropriate language.</font></div><br/><font color="navy">Category : Pages containing login portals</font><br/><br/>This is a typical login page. It has recently become a target for SQL injection. Comsec's article at http://www.governmentsecurity.org/articles/SQLinjectionBasicTutorial.php brought this to my attention.<br/><br/>The Google Hacking Database (GHDB) appears courtesy of the Google Hacking community.]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[Not available. Check description.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[POST /login.aspx HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: http://testaspnet.vulnweb.com/login.aspx
Content-Length: 1160
Content-Type: application/x-www-form-urlencoded
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect-Queries: aspectalerts
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

btnLogin=Login&amp;cbPersistCookie=e&amp;tbPassword=g00dPa%24%24w0rD&amp;tbUsername=xeitiyuu&amp;__EVENTARGUMENT=&amp;__EVENTTARGET=&amp;__EVENTVALIDATION=/wEWWwLeys6NCALStq24BwK3jsrkBALtuvfLDQKC3IeGDAKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMvX3f25exzUvBo2CmzE01Tn1QOss%3d&amp;__VIEWSTATE=/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W%2bw%2b8Zj9n0mGriLs0UbfzYNdg%3d%3d]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:26:59 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12346
]]></Response>
       </TechnicalDetails>
       <References>
        <Reference>
          <Database><![CDATA[The Google Hacking Database (GHDB) community]]></Database>
          <URL><![CDATA[http://johnny.ihackstuff.com/]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[Acunetix Google hacking]]></Database>
          <URL><![CDATA[http://www.acunetix.com/websitesecurity/google-hacking.htm]]></URL>
        </Reference>
       </References>
      </ReportItem>

      <ReportItem id="40" color="blue">
       <Name><![CDATA[Session Cookie without Secure flag set]]></Name>
       <ModuleName><![CDATA[Crawler]]></ModuleName>
       <Details><![CDATA[Cookie name: <font color="dark">&quot;ASP.NET_SessionId&quot;</font><br/>Cookie domain: <font color="dark">&quot;testaspnet.vulnweb.com&quot;</font><br/>]]></Details>
       <Affects><![CDATA[/]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[low]]></Severity>
       <Type><![CDATA[Informational]]></Type>
       <Impact><![CDATA[None]]></Impact>
       <Description><![CDATA[This cookie does not have the Secure flag set. When a cookie is set with the Secure flag, it instructs the browser to send the cookie only over encrypted (HTTPS/TLS) connections and never over plain HTTP, so it cannot be captured on the wire or leaked by a forced plain-HTTP request. This is an important protection for session cookies. Note that every request in this report is made to http://testaspnet.vulnweb.com over plain HTTP, so the session identifier is currently exposed regardless of this flag; the flag becomes effective once the application is served over HTTPS.]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[Set the Secure flag for this cookie (in ASP.NET this can be done centrally with <httpCookies requireSSL="true" /> in web.config). This requires the application to be served over HTTPS - see the "User credentials are sent in clear text" finding - because a browser will not send a Secure cookie to a plain-HTTP origin. The report does not show whether the HttpOnly flag is set; verify that as well.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[GET / HTTP/1.1
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:26:34 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12967
]]></Response>
       </TechnicalDetails>
      <References></References>
      </ReportItem>

      <ReportItem id="41" color="red">
       <Name><![CDATA[SQL injection (verified)]]></Name>
       <ModuleName><![CDATA[Scripting (Sql_Injection.script)]]></ModuleName>
       <Details><![CDATA[URL encoded GET input <b><font color="dark">id</font></b> was set to <b><font color="dark">1ACUSTART'&quot;JufNHACUEND</font></b>]]></Details>
       <Affects><![CDATA[/comments.aspx]]></Affects>
       <Parameter><![CDATA[id]]></Parameter>
       <AOP_SourceFile><![CDATA[C:\Websites\AspNet\comments.aspx]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[SQL query: SELECT NewsDate, NewsTitle, NewsShort, AuthorId, NewsId FROM news WHERE NewsId=1ACUSTART'&quot;JufNHACUEND

Stack trace:
 Method: Void ReadData()
 Method: Void OnLoad(System.EventArgs)
 Method: Void LoadRecursive()
 Method: Void ProcessRequestMain(Boolean, Boolean)
 Method: Void ProcessRequest(Boolean, Boolean)
 Method: Void ProcessRequest()
 Method: Void ProcessRequest(System.Web.HttpContext)
 Method: Void ProcessRequest(System.Web.HttpContext)
 Method: Void System.Web.HttpApplication.IExecutionStep.Execute()
 Method: System.Exception ExecuteStep(IExecutionStep, Boolean ByRef)
 Method: Void ResumeSteps(System.Exception)
 Method: System.IAsyncResult System.Web.IHttpAsyncHandler.BeginProcessRequest(System.Web.HttpContext, System.AsyncCallback, System.Object)
 Method: Void ProcessRequestInternal(System.Web.HttpWorkerRequest)
 Method: Void ProcessRequestNoDemand(System.Web.HttpWorkerRequest)
 Method: Int32 ProcessRequest(IntPtr, Int32)]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[high]]></Severity>
       <Type><![CDATA[Validation]]></Type>
       <Impact><![CDATA[An attacker may execute arbitrary SQL statements on the vulnerable system. This may compromise the integrity of your database and/or expose sensitive information. <br/><br/>Depending on the back-end database in use, SQL injection vulnerabilities lead to varying levels of data/system access for the attacker. It may be possible to not only manipulate existing queries, but to UNION in arbitrary data, use sub selects, or append additional queries. In some cases, it may be possible to read in or write out to files, or to execute shell commands on the underlying operating system.<br/><br/>Certain SQL Servers such as Microsoft SQL Server contain stored and extended procedures (database server functions). If an attacker can obtain access to these procedures it may be possible to compromise the entire machine.]]></Impact>
       <Description><![CDATA[This script is vulnerable to SQL injection. The finding is verified rather than inferred: the marker value supplied in the <b>id</b> parameter appears verbatim inside the executed SQL statement recorded in this item's technical details, which shows the parameter value being embedded directly in the query text.<br/><br/>
SQL injection is a vulnerability that allows an attacker to alter back-end SQL statements by manipulating user input. It occurs when a web application places user input directly into a SQL statement (for example by string concatenation) instead of passing it as a bound parameter; attempting to filter out "dangerous characters" is not a reliable substitute. <br/> <br/> This is one of the most common application-layer attacks in use on the Internet. Although it is relatively easy to prevent, a large number of web applications remain vulnerable.]]></Description>
       <DetailedInformation><![CDATA[<i>Quote from  SQL Injection Attacks by Example - http://www.unixwiz.net/techtips/sql-injection.html</i>
<h2>SQL injection mitigations</h2>

<p>We believe that web application developers often simply do not think about &quot;surprise inputs&quot;, but security people do (including the bad guys), so there are three broad approaches that can be applied here.</p>

<h2>Sanitize the input</h2>
<p>It's absolutely vital to sanitize user inputs to ensure that they do not contain dangerous codes, whether to the SQL server or to HTML itself. One's first idea is to strip out &quot;bad stuff&quot;, such as quotes or semicolons or escapes, but this is a misguided attempt. Though it's easy to point out some dangerous characters, it's harder to point to all of them.</p>
<p>The language of the web is full of special characters and strange markup (including alternate ways of representing the same characters), and efforts to authoritatively identify all &quot;bad stuff&quot; are unlikely to be successful.</p>
<p>Instead, rather than &quot;remove known bad data&quot;, it's better to &quot;remove everything but known good data&quot;: this distinction is crucial. Since - in our example - an email address can contain only these characters: </p>
<code><pre wrap="virtual">
    abcdefghijklmnopqrstuvwxyz
    ABCDEFGHIJKLMNOPQRSTUVWXYZ
    0123456789
    @.-_+
</pre></code>

<p>There is really no benefit in allowing characters that could not be valid, and rejecting them early - presumably with an error message - not only helps forestall SQL Injection, but also catches mere typos early rather than storing them in the database. </p>

<p>Be aware that &quot;sanitizing the input&quot; doesn't mean merely &quot;remove the quotes&quot;, because even &quot;regular&quot; characters can be troublesome. In an example where an integer ID value is being compared against the user input (say, a numeric PIN): </p>
<code><pre wrap="virtual">
    SELECT fieldlist
      FROM table
     WHERE id = 23 OR 1=1;  -- Boom! Always matches!
</pre></code>
<p>In practice, however, this approach is highly limited because there are so few fields for which it's possible to outright exclude many of the dangerous characters. For &quot;dates&quot; or &quot;email addresses&quot; or &quot;integers&quot; it may have merit, but for any kind of real application, one simply cannot avoid the other mitigations. </p>

<h2>Escape/Quotesafe the input</h2>
<p>Even if one might be able to sanitize a phone number or email address, one cannot take this approach with a &quot;name&quot; field unless one wishes to exclude the likes of Bill O'Reilly from one's application: a quote is simply a valid character for this field.</p>
<p>One includes an actual single quote in an SQL string by putting two of them together, so this suggests the obvious - but wrong! - technique of preprocessing every string to replicate the single quotes:</p>
<code><pre wrap="virtual">
    SELECT fieldlist
      FROM customers
     WHERE name = 'Bill O''Reilly';  -- works OK
</pre></code>    
<p>However, this naive approach can be beaten because most databases support other string escape mechanisms. MySQL, for instance, also permits \' to escape a quote, so after the input \'; DROP TABLE users; -- is &quot;protected&quot; by doubling the quotes, we get: </p>
<code><pre wrap="virtual">
    SELECT fieldlist
      FROM customers
     WHERE name = '\''; DROP TABLE users; --';  -- Boom!
</pre></code>    
<p>The expression '\'' is a complete string (containing just one single quote), and the usual SQL shenanigans follow. It doesn't stop with backslashes either: there is Unicode, other encodings, and parsing oddities all hiding in the weeds to trip up the application designer.</p>
<p>Getting quotes right is notoriously difficult, which is why many database interface languages provide a function that does it for you. When the same internal code is used for &quot;string quoting&quot; and &quot;string parsing&quot;, it's much more likely that the process will be done properly and safely.</p>
<p>Some examples are the MySQL function <b>mysql_real_escape_string()</b> and perl DBD method <b>$dbh-&gt;quote($value)</b>. Use the database driver's own quoting routine rather than a hand-written one, and treat quoting as a fallback: bound parameters (next section) remove the problem entirely and should be preferred wherever the interface supports them. </p>

<h2>Use bound parameters (the PREPARE statement)</h2>
<p>Though quotesafing is a good mechanism, we're still in the area of &quot;considering user input as SQL&quot;, and a much better approach exists: bound parameters, which are supported by essentially all database programming interfaces. In this technique, an SQL statement string is created with placeholders - a question mark for each parameter - and it's compiled (&quot;prepared&quot;, in SQL parlance) into an internal form. Later, this prepared query is &quot;executed&quot; with a list of parameters: </p>

<b>Example in perl</b>
<code><pre wrap="virtual">    $sth = $dbh-&gt;prepare(&quot;SELECT email, userid FROM members WHERE email = ?;&quot;);
    $sth-&gt;execute($email);
</pre></code> 
<p>Thanks to Stefan Wagner, this demonstrates bound parameters in Java: </p>

<b>Insecure version</b>
<code><pre wrap="virtual">    Statement s = connection.createStatement();
    ResultSet rs = s.executeQuery(&quot;SELECT email FROM member WHERE name = &quot;
                                 + formField); // *boom*
</pre></code> 

<p><b>Secure version</b></p>
<code><pre wrap="virtual">    PreparedStatement ps = connection.prepareStatement(
        &quot;SELECT email FROM member WHERE name = ?&quot;);
    ps.setString(1, formField);
    ResultSet rs = ps.executeQuery();
</pre></code> 

<p>Here, $email is the data obtained from the user's form, and it is passed as positional parameter #1 (the first question mark), and at no point do the contents of this variable have anything to do with SQL statement parsing. Quotes, semicolons, backslashes, SQL comment notation - none of this has any impact, because it's &quot;just data&quot;. There simply is nothing to subvert, so the application is largely immune to SQL injection attacks.</p>
 
<p>There also may be some performance benefits if this prepared query is reused multiple times (it only has to be parsed once), but this is minor compared to the enormous security benefits. This is probably the single most important step one can take to secure a web application. </p>

<h2>Limit database permissions and segregate users</h2>
<p>In the case at hand, we observed just two interactions that are made not in the context of a logged-in user: &quot;log in&quot; and &quot;send me password&quot;. The web application ought to use a database connection with the most limited rights possible: query-only access to the members table, and no access to any other table.</p>
<p>The effect here is that even a &quot;successful&quot; SQL injection attack is going to have much more limited success. Here, we'd not have been able to do the UPDATE request that ultimately granted us access, so we'd have had to resort to other avenues.</p>
<p>Once the web application determined that a set of valid credentials had been passed via the login form, it would then switch that session to a database connection with more rights.</p>
<p>It should go almost without saying that sa rights should never be used for any web-based application.</p>

<h2>Use stored procedures for database access</h2>
<p>When the database server supports them, use stored procedures for performing access on the application's behalf, which can eliminate SQL entirely (assuming the stored procedures themselves are written properly). </p>
<p>By encapsulating the rules for a certain action - query, update, delete, etc. - into a single procedure, it can be tested and documented on a standalone basis and business rules enforced (for instance, the &quot;add new order&quot; procedure might reject that order if the customer were over his credit limit). </p>
<p>For simple queries this might be only a minor benefit, but as the operations become more complicated (or are used in more than one place), having a single definition for the operation means it's going to be more robust and easier to maintain. </p>
<p><i>Note: </i>it's always possible to write a stored procedure that itself constructs a query dynamically: this provides no protection against SQL Injection - it's only proper binding with prepare/execute or direct SQL statements with bound variables that provide this protection. </p>

<h2>Isolate the webserver</h2>
<p>Even having taken all these mitigation steps, it's nevertheless still possible to miss something and leave the server open to compromise. One ought to design the network infrastructure to assume that the bad guy will have full administrator access to the machine, and then attempt to limit how that can be leveraged to compromise other things. </p>
<p>For instance, putting the machine in a DMZ with extremely limited pinholes &quot;inside&quot; the network means that even getting complete control of the webserver doesn't automatically grant full access to everything else. This won't stop everything, of course, but it makes it a lot harder. </p>

<h2>Configure error reporting</h2>
<p>The default error reporting for some frameworks includes developer debugging information, and this must not be shown to outside users. Imagine how much easier a time it makes for an attacker if the full query is shown, pointing to the syntax error involved. </p>
<p>This information is useful to developers, but it should be restricted - if possible - to just internal users. </p>]]></DetailedInformation>
       <Recommendation><![CDATA[Your script should filter metacharacters from user input. <br/>See the detailed information for guidance on fixing this vulnerability.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[GET /comments.aspx?id=1ACUSTART'%22JufNHACUEND HTTP/1.1
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect: enabled
Referer: http://testaspnet.vulnweb.com:80/
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:27:02 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 13233
]]></Response>
       </TechnicalDetails>
       <References>
        <Reference>
          <Database><![CDATA[Acunetix SQL Injection Attack]]></Database>
          <URL><![CDATA[http://www.acunetix.com/websitesecurity/sql-injection.htm]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[VIDEO: SQL Injection tutorial]]></Database>
          <URL><![CDATA[http://www.acunetix.com/blog/web-security-zone/video-sql-injection-tutorial/]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[OWASP Injection Flaws]]></Database>
          <URL><![CDATA[http://www.owasp.org/index.php/Injection_Flaws]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[How to check for SQL injection vulnerabilities]]></Database>
          <URL><![CDATA[http://www.acunetix.com/websitesecurity/sql-injection2/]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[SQL Injection Walkthrough]]></Database>
          <URL><![CDATA[http://www.securiteam.com/securityreviews/5DP0N1P76E.html]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[OWASP PHP Top 5]]></Database>
          <URL><![CDATA[http://www.owasp.org/index.php/PHP_Top_5]]></URL>
        </Reference>
       </References>
      </ReportItem>

      <ReportItem id="42" color="red">
       <Name><![CDATA[Blind SQL Injection]]></Name>
       <ModuleName><![CDATA[Scripting (Blind_Sql_Injection.script)]]></ModuleName>
       <Details><![CDATA[URL encoded GET input <b><font color="dark">id</font></b> was set to <b><font color="dark">3/**/AND/**/382=382</font></b><br/><br/>Tests performed: <ul><li>0+0+0+3 =&gt; <b>TRUE</b></li><li>0+382*377+3 =&gt; <b>FALSE</b></li><li>13-5-2-999 =&gt; <b>FALSE</b></li><li>13-5-2-3 =&gt; <b>TRUE</b></li><li>13-2*5+0+0+1-1 =&gt; <b>TRUE</b></li><li>13-2*6+0+0+1-1 =&gt; <b>FALSE</b></li><li>3 AND 2+1-1-1=1 AND 382=382 =&gt; <b>TRUE</b></li><li>3 AND 3+1-1-1=1 AND 382=382 =&gt; <b>FALSE</b></li><li>3 AND 3*2&lt;5 AND 382=382 =&gt; <b>FALSE</b></li><li>3 AND 3*2&gt;5 AND 382=382 =&gt; <b>TRUE</b></li><li>3/**/AND/**/0=1/**/AND/**/382=382 =&gt; <b>FALSE</b></li><li>3/**/AND/**/382=382 =&gt; <b>TRUE</b></li></ul><br/> Original value: <b>3</b>]]></Details>
       <Affects><![CDATA[/comments.aspx]]></Affects>
       <Parameter><![CDATA[id]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[high]]></Severity>
       <Type><![CDATA[Validation]]></Type>
       <Impact><![CDATA[An attacker may execute arbitrary SQL statements on the vulnerable system. This may compromise the integrity of your database and/or expose sensitive information. <br/><br/>Depending on the back-end database in use, SQL injection vulnerabilities lead to varying levels of data/system access for the attacker. It may be possible to not only manipulate existing queries, but to UNION in arbitrary data, use sub selects, or append additional queries. In some cases, it may be possible to read in or write out to files, or to execute shell commands on the underlying operating system.<br/><br/>Certain SQL Servers such as Microsoft SQL Server contain stored and extended procedures (database server functions). If an attacker can obtain access to these procedures it may be possible to compromise the entire machine.]]></Impact>
       <Description><![CDATA[This script is possibly vulnerable to SQL Injection attacks.<br/><br/>
SQL injection is a vulnerability that allows an attacker to alter back-end SQL statements by manipulating the user input. An SQL injection occurs when a web application accepts user input that is placed directly into a SQL statement without properly filtering out dangerous characters. <br/> <br/> This is one of the most common application layer attacks currently being used on the Internet. Despite the fact that it is relatively easy to protect against, a large number of web applications remain vulnerable.]]></Description>
       <DetailedInformation><![CDATA[<i>Quote from SQL Injection Attacks by Example - http://www.unixwiz.net/techtips/sql-injection.html</i>
<h2>SQL injection mitigations</h2>

<p>We believe that web application developers often simply do not think about &quot;surprise inputs&quot;, but security people do (including the bad guys), so there are three broad approaches that can be applied here.</p>

<h2>Sanitize the input</h2>
<p>It's absolutely vital to sanitize user inputs to ensure that they do not contain dangerous code, whether to the SQL server or to HTML itself. One's first idea is to strip out &quot;bad stuff&quot;, such as quotes or semicolons or escapes, but this is a misguided attempt. Though it's easy to point out some dangerous characters, it's harder to point to all of them.</p>
<p>The language of the web is full of special characters and strange markup (including alternate ways of representing the same characters), and efforts to authoritatively identify all &quot;bad stuff&quot; are unlikely to be successful.</p>
<p>Instead, rather than &quot;remove known bad data&quot;, it's better to &quot;remove everything but known good data&quot;: this distinction is crucial. Since - in our example - an email address can contain only these characters: </p>
<code><pre wrap="virtual">
    abcdefghijklmnopqrstuvwxyz
    ABCDEFGHIJKLMNOPQRSTUVWXYZ
    0123456789
    @.-_+
</pre></code>

<p>There is really no benefit in allowing characters that could not be valid, and rejecting them early - presumably with an error message - not only helps forestall SQL Injection, but also catches mere typos early rather than storing them in the database. </p>

<p>Be aware that &quot;sanitizing the input&quot; doesn't mean merely &quot;remove the quotes&quot;, because even &quot;regular&quot; characters can be troublesome. In an example where an integer ID value is being compared against the user input (say, a numeric PIN): </p>
<code><pre wrap="virtual">
    SELECT fieldlist
      FROM table
     WHERE id = 23 OR 1=1;  -- Boom! Always matches!
</pre></code>
<p>In practice, however, this approach is highly limited because there are so few fields for which it's possible to outright exclude many of the dangerous characters. For &quot;dates&quot; or &quot;email addresses&quot; or &quot;integers&quot; it may have merit, but for any kind of real application, one simply cannot avoid the other mitigations. </p>

<h2>Escape/Quotesafe the input</h2>
<p>Even if one might be able to sanitize a phone number or email address, one cannot take this approach with a &quot;name&quot; field lest one wishes to exclude the likes of Bill O'Reilly from one's application: a quote is simply a valid character for this field.</p>
<p>One includes an actual single quote in an SQL string by putting two of them together, so this suggests the obvious - but wrong! - technique of preprocessing every string to replicate the single quotes:</p>
<code><pre wrap="virtual">
    SELECT fieldlist
      FROM customers
     WHERE name = 'Bill O''Reilly';  -- works OK
</pre></code>    
<p>However, this naive approach can be beaten because most databases support other string escape mechanisms. MySQL, for instance, also permits \' to escape a quote, so after input of \'; DROP TABLE users; -- is &quot;protected&quot; by doubling the quotes, we get: </p>
<code><pre wrap="virtual">
    SELECT fieldlist
      FROM customers
     WHERE name = '\''; DROP TABLE users; --';  -- Boom!
</pre></code>    
<p>The expression '\'' is a complete string (containing just one single quote), and the usual SQL shenanigans follow. It doesn't stop with backslashes either: there is Unicode, other encodings, and parsing oddities all hiding in the weeds to trip up the application designer.</p>
<p>Getting quotes right is notoriously difficult, which is why many database interface languages provide a function that does it for you. When the same internal code is used for &quot;string quoting&quot; and &quot;string parsing&quot;, it's much more likely that the process will be done properly and safely.</p>
<p>Some examples are the MySQL function <b>mysql_real_escape_string()</b> and perl DBD method <b>$dbh-&gt;quote($value)</b>. These methods must be used. </p>

<h2>Use bound parameters (the PREPARE statement)</h2>
<p>Though quotesafing is a good mechanism, we're still in the area of &quot;considering user input as SQL&quot;, and a much better approach exists: bound parameters, which are supported by essentially all database programming interfaces. In this technique, an SQL statement string is created with placeholders - a question mark for each parameter - and it's compiled (&quot;prepared&quot;, in SQL parlance) into an internal form. Later, this prepared query is &quot;executed&quot; with a list of parameters: </p>

<b>Example in perl</b>
<code><pre wrap="virtual">    $sth = $dbh-&gt;prepare(&quot;SELECT email, userid FROM members WHERE email = ?;&quot;);
    $sth-&gt;execute($email);
</pre></code> 
<p>Thanks to Stefan Wagner, this demonstrates bound parameters in Java: </p>

<b>Insecure version</b>
<code><pre wrap="virtual">    Statement s = connection.createStatement();
    ResultSet rs = s.executeQuery(&quot;SELECT email FROM member WHERE name = &quot;
                                 + formField); // *boom*
</pre></code> 

<p><b>Secure version</b></p>
<code><pre wrap="virtual">    PreparedStatement ps = connection.prepareStatement(
        &quot;SELECT email FROM member WHERE name = ?&quot;);
    ps.setString(1, formField);
    ResultSet rs = ps.executeQuery();
</pre></code> 

<p>Here, $email is the data obtained from the user's form, and it is passed as positional parameter #1 (the first question mark), and at no point do the contents of this variable have anything to do with SQL statement parsing. Quotes, semicolons, backslashes, SQL comment notation - none of this has any impact, because it's &quot;just data&quot;. There simply is nothing to subvert, so the application is largely immune to SQL injection attacks.</p>
 
<p>There also may be some performance benefits if this prepared query is reused multiple times (it only has to be parsed once), but this is minor compared to the enormous security benefits. This is probably the single most important step one can take to secure a web application. </p>

<h2>Limit database permissions and segregate users</h2>
<p>In the case at hand, we observed just two interactions that are made not in the context of a logged-in user: &quot;log in&quot; and &quot;send me password&quot;. The web application ought to use a database connection with the most limited rights possible: query-only access to the members table, and no access to any other table.</p>
<p>The effect here is that even a &quot;successful&quot; SQL injection attack is going to have much more limited success. Here, we'd not have been able to do the UPDATE request that ultimately granted us access, so we'd have had to resort to other avenues.</p>
<p>Once the web application determined that a set of valid credentials had been passed via the login form, it would then switch that session to a database connection with more rights.</p>
<p>It should go almost without saying that sa rights should never be used for any web-based application.</p>

<h2>Use stored procedures for database access</h2>
<p>When the database server supports them, use stored procedures for performing access on the application's behalf, which can eliminate SQL entirely (assuming the stored procedures themselves are written properly). </p>
<p>By encapsulating the rules for a certain action - query, update, delete, etc. - into a single procedure, it can be tested and documented on a standalone basis and business rules enforced (for instance, the &quot;add new order&quot; procedure might reject that order if the customer were over his credit limit). </p>
<p>For simple queries this might be only a minor benefit, but as the operations become more complicated (or are used in more than one place), having a single definition for the operation means it's going to be more robust and easier to maintain. </p>
<p><i>Note: </i>it's always possible to write a stored procedure that itself constructs a query dynamically: this provides no protection against SQL Injection - it's only proper binding with prepare/execute or direct SQL statements with bound variables that provide this protection. </p>

<h2>Isolate the webserver</h2>
<p>Even having taken all these mitigation steps, it's nevertheless still possible to miss something and leave the server open to compromise. One ought to design the network infrastructure to assume that the bad guy will have full administrator access to the machine, and then attempt to limit how that can be leveraged to compromise other things. </p>
<p>For instance, putting the machine in a DMZ with extremely limited pinholes &quot;inside&quot; the network means that even getting complete control of the webserver doesn't automatically grant full access to everything else. This won't stop everything, of course, but it makes it a lot harder. </p>

<h2>Configure error reporting</h2>
<p>The default error reporting for some frameworks includes developer debugging information, and this must not be shown to outside users. Imagine how much easier a time it makes for an attacker if the full query is shown, pointing to the syntax error involved. </p>
<p>This information is useful to developers, but it should be restricted - if possible - to just internal users. </p>]]></DetailedInformation>
       <Recommendation><![CDATA[Your script should filter metacharacters from user input. <br/>See the detailed information for guidance on fixing this vulnerability.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[GET /comments.aspx?id=3/**/AND/**/382%3d382 HTTP/1.1
X-Requested-With: XMLHttpRequest
Referer: http://testaspnet.vulnweb.com:80/
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:27:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 22650
]]></Response>
       </TechnicalDetails>
       <References>
        <Reference>
          <Database><![CDATA[Acunetix SQL Injection Attack]]></Database>
          <URL><![CDATA[http://www.acunetix.com/websitesecurity/sql-injection.htm]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[VIDEO: SQL Injection tutorial]]></Database>
          <URL><![CDATA[http://www.acunetix.com/blog/web-security-zone/video-sql-injection-tutorial/]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[OWASP Injection Flaws]]></Database>
          <URL><![CDATA[http://www.owasp.org/index.php/Injection_Flaws]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[How to check for SQL injection vulnerabilities]]></Database>
          <URL><![CDATA[http://www.acunetix.com/websitesecurity/sql-injection2/]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[SQL Injection Walkthrough]]></Database>
          <URL><![CDATA[http://www.securiteam.com/securityreviews/5DP0N1P76E.html]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[OWASP PHP Top 5]]></Database>
          <URL><![CDATA[http://www.owasp.org/index.php/PHP_Top_5]]></URL>
        </Reference>
       </References>
      </ReportItem>

      <ReportItem id="43" color="blue">
       <Name><![CDATA[Login page password-guessing attack]]></Name>
       <ModuleName><![CDATA[Scripting (Html_Authentication_Audit.script)]]></ModuleName>
       <Details><![CDATA[The scanner tested 10 invalid credentials and no account lockout was detected.]]></Details>
       <Affects><![CDATA[/login.aspx]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[low]]></Severity>
       <Type><![CDATA[Validation]]></Type>
       <Impact><![CDATA[An attacker may attempt to discover a weak password by systematically trying every possible combination of letters, numbers, and symbols until it discovers the one correct combination that works.]]></Impact>
       <Description><![CDATA[A common threat web developers face is a password-guessing attack known as a brute force attack. A brute-force attack is an attempt to discover a password by systematically trying every possible combination of letters, numbers, and symbols until the one correct combination that works is found. <br/><br/>

This login page doesn't have any protection against password-guessing attacks (brute force attacks). It's recommended to implement some type of account lockout after a defined number of incorrect password attempts. Consult Web references for more information about fixing this problem. ]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[It's recommended to implement some type of account lockout after a defined number of incorrect password attempts. ]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[POST /login.aspx HTTP/1.1
Content-Length: 1152
Content-Type: application/x-www-form-urlencoded
Referer: http://testaspnet.vulnweb.com:80/
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

btnLogin=Login&amp;cbPersistCookie=e&amp;tbPassword=SnfMQ6nv&amp;tbUsername=s71nc2IH&amp;__EVENTARGUMENT=&amp;__EVENTTARGET=&amp;__EVENTVALIDATION=/wEWWwLeys6NCALStq24BwK3jsrkBALtuvfLDQKC3IeGDAKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMvX3f25exzUvBo2CmzE01Tn1QOss%3d&amp;__VIEWSTATE=/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W%2bw%2b8Zj9n0mGriLs0UbfzYNdg%3d%3d]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:27:42 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=ua4kaq55jbok4b45bo0lnw55; path=/; HttpOnly
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12346
]]></Response>
       </TechnicalDetails>
       <References>
        <Reference>
          <Database><![CDATA[Blocking Brute Force Attacks]]></Database>
          <URL><![CDATA[http://www.owasp.org/index.php/Blocking_Brute_Force_Attacks]]></URL>
        </Reference>
       </References>
      </ReportItem>

      <ReportItem id="44" color="red">
       <Name><![CDATA[Blind SQL Injection]]></Name>
       <ModuleName><![CDATA[Scripting (Blind_Sql_Injection.script)]]></ModuleName>
       <Details><![CDATA[URL encoded POST input <b><font color="dark">tbUsername</font></b> was set to <b><font color="dark">CeNM62R3'; waitfor delay '0:0:0' -- </font></b><br/><br/>Tests performed: <ul><li>DsQdToog'; waitfor delay '0:0:6' --  =&gt; <b>6.911 s</b></li><li>dnDk3cZE'; waitfor delay '0:0:3' --  =&gt; <b>3.728 s</b></li><li>822Z2llJ'; waitfor delay '0:0:9' --  =&gt; <b>9.734 s</b></li><li>z6HEOzaP'; waitfor delay '0:0:0' --  =&gt; <b>1.248 s</b></li><li>4RemiJv6'; waitfor delay '0:0:0' --  =&gt; <b>1.248 s</b></li><li>i7Mo5Sw8'; waitfor delay '0:0:0' --  =&gt; <b>0.718 s</b></li><li>WRV67kph'; waitfor delay '0:0:0' --  =&gt; <b>0.671 s</b></li><li>wdZzXouP'; waitfor delay '0:0:6' --  =&gt; <b>6.676 s</b></li><li>CeNM62R3'; waitfor delay '0:0:0' --  =&gt; <b>0.686 s</b></li></ul><br/> Original value: <b>kjhxcchf</b>]]></Details>
       <Affects><![CDATA[/login.aspx]]></Affects>
       <Parameter><![CDATA[tbUsername]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[high]]></Severity>
       <Type><![CDATA[Validation]]></Type>
       <Impact><![CDATA[An attacker may execute arbitrary SQL statements on the vulnerable system. This may compromise the integrity of your database and/or expose sensitive information. <br/><br/>Depending on the back-end database in use, SQL injection vulnerabilities lead to varying levels of data/system access for the attacker. It may be possible to not only manipulate existing queries, but to UNION in arbitrary data, use sub selects, or append additional queries. In some cases, it may be possible to read in or write out to files, or to execute shell commands on the underlying operating system.<br/><br/>Certain SQL Servers such as Microsoft SQL Server contain stored and extended procedures (database server functions). If an attacker can obtain access to these procedures it may be possible to compromise the entire machine.]]></Impact>
       <Description><![CDATA[This script is possibly vulnerable to SQL Injection attacks.<br/><br/>
SQL injection is a vulnerability that allows an attacker to alter back-end SQL statements by manipulating the user input. An SQL injection occurs when a web application accepts user input that is placed directly into a SQL statement without properly filtering out dangerous characters. <br/> <br/> This is one of the most common application layer attacks currently being used on the Internet. Despite the fact that it is relatively easy to protect against, a large number of web applications remain vulnerable.]]></Description>
       <DetailedInformation><![CDATA[<i>Quote from SQL Injection Attacks by Example - http://www.unixwiz.net/techtips/sql-injection.html</i>
<h2>SQL injection mitigations</h2>

<p>We believe that web application developers often simply do not think about &quot;surprise inputs&quot;, but security people do (including the bad guys), so there are three broad approaches that can be applied here.</p>

<h2>Sanitize the input</h2>
<p>It's absolutely vital to sanitize user inputs to ensure that they do not contain dangerous code, whether to the SQL server or to HTML itself. One's first idea is to strip out &quot;bad stuff&quot;, such as quotes or semicolons or escapes, but this is a misguided attempt. Though it's easy to point out some dangerous characters, it's harder to point to all of them.</p>
<p>The language of the web is full of special characters and strange markup (including alternate ways of representing the same characters), and efforts to authoritatively identify all &quot;bad stuff&quot; are unlikely to be successful.</p>
<p>Instead, rather than &quot;remove known bad data&quot;, it's better to &quot;remove everything but known good data&quot;: this distinction is crucial. Since - in our example - an email address can contain only these characters: </p>
<code><pre wrap="virtual">
    abcdefghijklmnopqrstuvwxyz
    ABCDEFGHIJKLMNOPQRSTUVWXYZ
    0123456789
    @.-_+
</pre></code>

<p>There is really no benefit in allowing characters that could not be valid, and rejecting them early - presumably with an error message - not only helps forestall SQL Injection, but also catches mere typos early rather than storing them in the database. </p>

<p>Be aware that &quot;sanitizing the input&quot; doesn't mean merely &quot;remove the quotes&quot;, because even &quot;regular&quot; characters can be troublesome. In an example where an integer ID value is being compared against the user input (say, a numeric PIN): </p>
<code><pre wrap="virtual">
    SELECT fieldlist
      FROM table
     WHERE id = 23 OR 1=1;  -- Boom! Always matches!
</pre></code>
<p>In practice, however, this approach is highly limited because there are so few fields for which it's possible to outright exclude many of the dangerous characters. For &quot;dates&quot; or &quot;email addresses&quot; or &quot;integers&quot; it may have merit, but for any kind of real application, one simply cannot avoid the other mitigations. </p>

<h2>Escape/Quotesafe the input</h2>
<p>Even if one might be able to sanitize a phone number or email address, one cannot take this approach with a &quot;name&quot; field lest one wishes to exclude the likes of Bill O'Reilly from one's application: a quote is simply a valid character for this field.</p>
<p>One includes an actual single quote in an SQL string by putting two of them together, so this suggests the obvious - but wrong! - technique of preprocessing every string to replicate the single quotes:</p>
<code><pre wrap="virtual">
    SELECT fieldlist
      FROM customers
     WHERE name = 'Bill O''Reilly';  -- works OK
</pre></code>    
<p>However, this naive approach can be beaten because most databases support other string escape mechanisms. MySQL, for instance, also permits \' to escape a quote, so after input of \'; DROP TABLE users; -- is &quot;protected&quot; by doubling the quotes, we get: </p>
<code><pre wrap="virtual">
    SELECT fieldlist
      FROM customers
     WHERE name = '\''; DROP TABLE users; --';  -- Boom!
</pre></code>    
<p>The expression '\'' is a complete string (containing just one single quote), and the usual SQL shenanigans follow. It doesn't stop with backslashes either: there is Unicode, other encodings, and parsing oddities all hiding in the weeds to trip up the application designer.</p>
<p>Getting quotes right is notoriously difficult, which is why many database interface languages provide a function that does it for you. When the same internal code is used for &quot;string quoting&quot; and &quot;string parsing&quot;, it's much more likely that the process will be done properly and safely.</p>
<p>Some examples are the MySQL function <b>mysql_real_escape_string()</b> and perl DBD method <b>$dbh-&gt;quote($value)</b>. These methods must be used. </p>

<h2>Use bound parameters (the PREPARE statement)</h2>
<p>Though quotesafing is a good mechanism, we're still in the area of &quot;considering user input as SQL&quot;, and a much better approach exists: bound parameters, which are supported by essentially all database programming interfaces. In this technique, an SQL statement string is created with placeholders - a question mark for each parameter - and it's compiled (&quot;prepared&quot;, in SQL parlance) into an internal form. Later, this prepared query is &quot;executed&quot; with a list of parameters: </p>

<b>Example in perl</b>
<code><pre wrap="virtual">    $sth = $dbh-&gt;prepare(&quot;SELECT email, userid FROM members WHERE email = ?;&quot;);
    $sth-&gt;execute($email);
</pre></code> 
<p>Thanks to Stefan Wagner, this demonstrates bound parameters in Java: </p>

<b>Insecure version</b>
<code><pre wrap="virtual">    Statement s = connection.createStatement();
    ResultSet rs = s.executeQuery(&quot;SELECT email FROM member WHERE name = &quot;
                                 + formField); // *boom*
</pre></code> 

<p><b>Secure version</b></p>
<code><pre wrap="virtual">    PreparedStatement ps = connection.prepareStatement(
        &quot;SELECT email FROM member WHERE name = ?&quot;);
    ps.setString(1, formField);
    ResultSet rs = ps.executeQuery();
</pre></code> 

<p>Here, $email is the data obtained from the user's form, and it is passed as positional parameter #1 (the first question mark), and at no point do the contents of this variable have anything to do with SQL statement parsing. Quotes, semicolons, backslashes, SQL comment notation - none of this has any impact, because it's &quot;just data&quot;. There simply is nothing to subvert, so the application is largely immune to SQL injection attacks.</p>
 
<p>There also may be some performance benefits if this prepared query is reused multiple times (it only has to be parsed once), but this is minor compared to the enormous security benefits. This is probably the single most important step one can take to secure a web application. </p>

<h2>Limit database permissions and segregate users</h2>
<p>In the case at hand, we observed just two interactions that are made not in the context of a logged-in user: &quot;log in&quot; and &quot;send me password&quot;. The web application ought to use a database connection with the most limited rights possible: query-only access to the members table, and no access to any other table.</p>
<p>The effect here is that even a &quot;successful&quot; SQL injection attack is going to have much more limited success. Here, we'd not have been able to do the UPDATE request that ultimately granted us access, so we'd have had to resort to other avenues.</p>
<p>Once the web application determined that a set of valid credentials had been passed via the login form, it would then switch that session to a database connection with more rights.</p>
<p>It should go almost without saying that sa rights should never be used for any web-based application.</p>

<h2>Use stored procedures for database access</h2>
<p>When the database server supports them, use stored procedures for performing access on the application's behalf, which can eliminate SQL entirely (assuming the stored procedures themselves are written properly). </p>
<p>By encapsulating the rules for a certain action - query, update, delete, etc. - into a single procedure, it can be tested and documented on a standalone basis and business rules enforced (for instance, the &quot;add new order&quot; procedure might reject that order if the customer were over his credit limit). </p>
<p>For simple queries this might be only a minor benefit, but as the operations become more complicated (or are used in more than one place), having a single definition for the operation means it's going to be more robust and easier to maintain. </p>
<p><i>Note: </i>it's always possible to write a stored procedure that itself constructs a query dynamically: this provides no protection against SQL Injection - it's only proper binding with prepare/execute or direct SQL statements with bound variables that provide this protection. </p>

<h2>Isolate the webserver</h2>
<p>Even having taken all these mitigation steps, it's nevertheless still possible to miss something and leave the server open to compromise. One ought to design the network infrastructure to assume that the bad guy will have full administrator access to the machine, and then attempt to limit how that can be leveraged to compromise other things. </p>
<p>For instance, putting the machine in a DMZ with extremely limited pinholes &quot;inside&quot; the network means that even getting complete control of the webserver doesn't automatically grant full access to everything else. This won't stop everything, of course, but it makes it a lot harder. </p>

<h2>Configure error reporting</h2>
<p>The default error reporting for some frameworks includes developer debugging information, and this must not be shown to outside users. Imagine how much easier a time it makes for an attacker if the full query is shown, pointing to the syntax error involved. </p>
<p>This information is useful to developers, but it should be restricted - if possible - to just internal users. </p>]]></DetailedInformation>
       <Recommendation><![CDATA[Your script should filter metacharacters from user input. <br/>Check detailed information for more information about fixing this vulnerability.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[POST /login.aspx HTTP/1.1
Content-Length: 1199
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Referer: http://testaspnet.vulnweb.com:80/
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

btnLogin=Login&amp;cbPersistCookie=on&amp;tbPassword=g00dPa%24%24w0rD&amp;tbUsername=CeNM62R3';%20waitfor%20delay%20'0:0:0'%20--%20&amp;__EVENTARGUMENT=&amp;__EVENTTARGET=&amp;__EVENTVALIDATION=/wEWWwLeys6NCALStq24BwK3jsrkBALtuvfLDQKC3IeGDAKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMvX3f25exzUvBo2CmzE01Tn1QOss%3d&amp;__VIEWSTATE=/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W%2bw%2b8Zj9n0mGriLs0UbfzYNdg%3d%3d]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:28:45 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12374
]]></Response>
       </TechnicalDetails>
       <References>
        <Reference>
          <Database><![CDATA[Acunetix SQL Injection Attack]]></Database>
          <URL><![CDATA[http://www.acunetix.com/websitesecurity/sql-injection.htm]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[VIDEO: SQL Injection tutorial]]></Database>
          <URL><![CDATA[http://www.acunetix.com/blog/web-security-zone/video-sql-injection-tutorial/]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[OWASP Injection Flaws]]></Database>
          <URL><![CDATA[http://www.owasp.org/index.php/Injection_Flaws]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[How to check for SQL injection vulnerabilities]]></Database>
          <URL><![CDATA[http://www.acunetix.com/websitesecurity/sql-injection2/]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[SQL Injection Walkthrough]]></Database>
          <URL><![CDATA[http://www.securiteam.com/securityreviews/5DP0N1P76E.html]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[OWASP PHP Top 5]]></Database>
          <URL><![CDATA[http://www.owasp.org/index.php/PHP_Top_5]]></URL>
        </Reference>
       </References>
      </ReportItem>

      <ReportItem id="45" color="red">
       <Name><![CDATA[SQL injection (verified)]]></Name>
       <ModuleName><![CDATA[Scripting (Sql_Injection.script)]]></ModuleName>
       <Details><![CDATA[URL encoded POST input <b><font color="dark">tbUsername</font></b> was set to <b><font color="dark">1ACUSTART'&quot;7SbaMACUEND</font></b>]]></Details>
       <Affects><![CDATA[/login.aspx]]></Affects>
       <Parameter><![CDATA[tbUsername]]></Parameter>
       <AOP_SourceFile><![CDATA[C:\Websites\AspNet\login.aspx]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[SQL query: SELECT uname, alevel FROM users WHERE uname='1ACUSTART'&quot;7SbaMACUEND' AND upass='32cc5886dc1fa8c106a02056292c4654'

Stack trace:
 Method: Boolean Authenticate(System.String ByRef, System.String, Int32 ByRef)
 Method: Void btnLogin_Click(System.Object, System.EventArgs)
 Method: Void OnClick(System.EventArgs)
 Method: Void RaisePostBackEvent(System.String)
 Method: Void RaisePostBackEvent(System.Web.UI.IPostBackEventHandler, System.String)
 Method: Void ProcessRequestMain(Boolean, Boolean)
 Method: Void ProcessRequest(Boolean, Boolean)
 Method: Void ProcessRequest()
 Method: Void ProcessRequest(System.Web.HttpContext)
 Method: Void ProcessRequest(System.Web.HttpContext)
 Method: Void System.Web.HttpApplication.IExecutionStep.Execute()
 Method: System.Exception ExecuteStep(IExecutionStep, Boolean ByRef)
 Method: Void ResumeSteps(System.Exception)
 Method: Void ResumeStepsFromThreadPoolThread(System.Exception)
 Method: Void ResumeStepsWithAssert(System.Exception)
 Method: Void OnAsyncEventCompletion(System.IAsyncResult)
 Method: Void Complete(Boolean, System.Object, System.Exception, System.Web.RequestNotificationStatus)
 Method: Void PollLockedSessionCallback(System.Object)
 Method: Void runTryCode(System.Object)
 Method: Void ExecuteCodeWithGuaranteedCleanup(TryCode, CleanupCode, System.Object)
 Method: Void Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
 Method: Void PerformTimerCallback(System.Object)]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[high]]></Severity>
       <Type><![CDATA[Validation]]></Type>
       <Impact><![CDATA[An attacker may execute arbitrary SQL statements on the vulnerable system. This may compromise the integrity of your database and/or expose sensitive information. <br/><br/>Depending on the back-end database in use, SQL injection vulnerabilities lead to varying levels of data/system access for the attacker. It may be possible to not only manipulate existing queries, but to UNION in arbitrary data, use sub selects, or append additional queries. In some cases, it may be possible to read in or write out to files, or to execute shell commands on the underlying operating system.<br/><br/>Certain SQL Servers such as Microsoft SQL Server contain stored and extended procedures (database server functions). If an attacker can obtain access to these procedures it may be possible to compromise the entire machine.]]></Impact>
       <Description><![CDATA[This script is possibly vulnerable to SQL Injection attacks.<br/><br/>
SQL injection is a vulnerability that allows an attacker to alter back-end SQL statements by manipulating the user input. An SQL injection occurs when a web application accepts user input that is placed directly into an SQL statement without properly filtering out dangerous characters. <br/> <br/> This is one of the most common application layer attacks currently being used on the Internet.  Despite the fact that it is relatively easy to protect against, a large number of web applications remain vulnerable.]]></Description>
       <DetailedInformation><![CDATA[<i>Quote from  SQL Injection Attacks by Example - http://www.unixwiz.net/techtips/sql-injection.html</i>
<h2>SQL injection mitigations</h2>

<p>We believe that web application developers often simply do not think about &quot;surprise inputs&quot;, but security people do (including the bad guys), so there are three broad approaches that can be applied here.</p>

<h2>Sanitize the input</h2>
<p>It's absolutely vital to sanitize user inputs to ensure that they do not contain dangerous code, whether to the SQL server or to HTML itself. One's first idea is to strip out &quot;bad stuff&quot;, such as quotes or semicolons or escapes, but this is a misguided attempt. Though it's easy to point out some dangerous characters, it's harder to point to all of them.</p>
<p>The language of the web is full of special characters and strange markup (including alternate ways of representing the same characters), and efforts to authoritatively identify all &quot;bad stuff&quot; are unlikely to be successful.</p>
<p>Instead, rather than &quot;remove known bad data&quot;, it's better to &quot;remove everything but known good data&quot;: this distinction is crucial. Since - in our example - an email address can contain only these characters: </p>
<code><pre wrap="virtual">
    abcdefghijklmnopqrstuvwxyz
    ABCDEFGHIJKLMNOPQRSTUVWXYZ
    0123456789
    @.-_+
</pre></code>

<p>There is really no benefit in allowing characters that could not be valid, and rejecting them early - presumably with an error message - not only helps forestall SQL Injection, but also catches mere typos early rather than storing them in the database. </p>

<p>Be aware that &quot;sanitizing the input&quot; doesn't mean merely &quot;remove the quotes&quot;, because even &quot;regular&quot; characters can be troublesome. In an example where an integer ID value is being compared against the user input (say, a numeric PIN): </p>
<code><pre wrap="virtual">
    SELECT fieldlist
      FROM table
     WHERE id = 23 OR 1=1;  -- Boom! Always matches!
</pre></code>
<p>In practice, however, this approach is highly limited because there are so few fields for which it's possible to outright exclude many of the dangerous characters. For &quot;dates&quot; or &quot;email addresses&quot; or &quot;integers&quot; it may have merit, but for any kind of real application, one simply cannot avoid the other mitigations. </p>

<h2>Escape/Quotesafe the input</h2>
<p>Even if one might be able to sanitize a phone number or email address, one cannot take this approach with a &quot;name&quot; field unless one wishes to exclude the likes of Bill O'Reilly from one's application: a quote is simply a valid character for this field.</p>
<p>One includes an actual single quote in an SQL string by putting two of them together, so this suggests the obvious - but wrong! - technique of preprocessing every string to replicate the single quotes:</p>
<code><pre wrap="virtual">
    SELECT fieldlist
      FROM customers
     WHERE name = 'Bill O''Reilly';  -- works OK
</pre></code>    
<p>However, this naive approach can be beaten because most databases support other string escape mechanisms. MySQL, for instance, also permits \' to escape a quote, so after input of \'; DROP TABLE users; -- is &quot;protected&quot; by doubling the quotes, we get: </p>
<code><pre wrap="virtual">
    SELECT fieldlist
      FROM customers
     WHERE name = '\''; DROP TABLE users; --';  -- Boom!
</pre></code>    
<p>The expression '\'' is a complete string (containing just one single quote), and the usual SQL shenanigans follow. It doesn't stop with backslashes either: there is Unicode, other encodings, and parsing oddities all hiding in the weeds to trip up the application designer.</p>
<p>Getting quotes right is notoriously difficult, which is why many database interface languages provide a function that does it for you. When the same internal code is used for &quot;string quoting&quot; and &quot;string parsing&quot;, it's much more likely that the process will be done properly and safely.</p>
<p>Some examples are the MySQL function <b>mysql_real_escape_string()</b> and perl DBD method <b>$dbh-&gt;quote($value)</b>. These methods must be used. </p>

<h2>Use bound parameters (the PREPARE statement)</h2>
<p>Though quotesafing is a good mechanism, we're still in the area of &quot;considering user input as SQL&quot;, and a much better approach exists: bound parameters, which are supported by essentially all database programming interfaces. In this technique, an SQL statement string is created with placeholders - a question mark for each parameter - and it's compiled (&quot;prepared&quot;, in SQL parlance) into an internal form. Later, this prepared query is &quot;executed&quot; with a list of parameters: </p>

<b>Example in perl</b>
<code><pre wrap="virtual">    $sth = $dbh-&gt;prepare(&quot;SELECT email, userid FROM members WHERE email = ?;&quot;);
    $sth-&gt;execute($email);
</pre></code> 
<p>Thanks to Stefan Wagner, this demonstrates bound parameters in Java: </p>

<b>Insecure version</b>
<code><pre wrap="virtual">    Statement s = connection.createStatement();
    ResultSet rs = s.executeQuery(&quot;SELECT email FROM member WHERE name = &quot;
                                 + formField); // *boom*
</pre></code> 

<p><b>Secure version</b></p>
<code><pre wrap="virtual">    PreparedStatement ps = connection.prepareStatement(
        &quot;SELECT email FROM member WHERE name = ?&quot;);
    ps.setString(1, formField);
    ResultSet rs = ps.executeQuery();
</pre></code> 

<p>Here, $email is the data obtained from the user's form, and it is passed as positional parameter #1 (the first question mark), and at no point do the contents of this variable have anything to do with SQL statement parsing. Quotes, semicolons, backslashes, SQL comment notation - none of this has any impact, because it's &quot;just data&quot;. There simply is nothing to subvert, so the application is largely immune to SQL injection attacks.</p>
 
<p>There also may be some performance benefits if this prepared query is reused multiple times (it only has to be parsed once), but this is minor compared to the enormous security benefits. This is probably the single most important step one can take to secure a web application. </p>

<h2>Limit database permissions and segregate users</h2>
<p>In the case at hand, we observed just two interactions that are made not in the context of a logged-in user: &quot;log in&quot; and &quot;send me password&quot;. The web application ought to use a database connection with the most limited rights possible: query-only access to the members table, and no access to any other table.</p>
<p>The effect here is that even a &quot;successful&quot; SQL injection attack is going to have much more limited success. Here, we'd not have been able to do the UPDATE request that ultimately granted us access, so we'd have had to resort to other avenues.</p>
<p>Once the web application determined that a set of valid credentials had been passed via the login form, it would then switch that session to a database connection with more rights.</p>
<p>It should go almost without saying that sa rights should never be used for any web-based application.</p>

<h2>Use stored procedures for database access</h2>
<p>When the database server supports them, use stored procedures for performing access on the application's behalf, which can eliminate SQL entirely (assuming the stored procedures themselves are written properly). </p>
<p>By encapsulating the rules for a certain action - query, update, delete, etc. - into a single procedure, it can be tested and documented on a standalone basis and business rules enforced (for instance, the &quot;add new order&quot; procedure might reject that order if the customer were over his credit limit). </p>
<p>For simple queries this might be only a minor benefit, but as the operations become more complicated (or are used in more than one place), having a single definition for the operation means it's going to be more robust and easier to maintain. </p>
<p><i>Note: </i>it's always possible to write a stored procedure that itself constructs a query dynamically: this provides no protection against SQL Injection - it's only proper binding with prepare/execute or direct SQL statements with bound variables that provide this protection. </p>

<h2>Isolate the webserver</h2>
<p>Even having taken all these mitigation steps, it's nevertheless still possible to miss something and leave the server open to compromise. One ought to design the network infrastructure to assume that the bad guy will have full administrator access to the machine, and then attempt to limit how that can be leveraged to compromise other things. </p>
<p>For instance, putting the machine in a DMZ with extremely limited pinholes &quot;inside&quot; the network means that even getting complete control of the webserver doesn't automatically grant full access to everything else. This won't stop everything, of course, but it makes it a lot harder. </p>

<h2>Configure error reporting</h2>
<p>The default error reporting for some frameworks includes developer debugging information, and this must not be shown to outside users. Imagine how much easier a time it makes for an attacker if the full query is shown, pointing to the syntax error involved. </p>
<p>This information is useful to developers, but it should be restricted - if possible - to just internal users. </p>]]></DetailedInformation>
       <Recommendation><![CDATA[Your script should filter metacharacters from user input. <br/>Check detailed information for more information about fixing this vulnerability.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[POST /login.aspx HTTP/1.1
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect: enabled
Content-Length: 1177
Content-Type: application/x-www-form-urlencoded
Referer: http://testaspnet.vulnweb.com:80/
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

btnLogin=Login&amp;cbPersistCookie=on&amp;tbPassword=g00dPa%24%24w0rD&amp;tbUsername=1ACUSTART'%227SbaMACUEND&amp;__EVENTARGUMENT=&amp;__EVENTTARGET=&amp;__EVENTVALIDATION=/wEWWwLeys6NCALStq24BwK3jsrkBALtuvfLDQKC3IeGDAKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMvX3f25exzUvBo2CmzE01Tn1QOss%3d&amp;__VIEWSTATE=/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W%2bw%2b8Zj9n0mGriLs0UbfzYNdg%3d%3d]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:28:46 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12365
]]></Response>
       </TechnicalDetails>
       <References>
        <Reference>
          <Database><![CDATA[Acunetix SQL Injection Attack]]></Database>
          <URL><![CDATA[http://www.acunetix.com/websitesecurity/sql-injection.htm]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[VIDEO: SQL Injection tutorial]]></Database>
          <URL><![CDATA[http://www.acunetix.com/blog/web-security-zone/video-sql-injection-tutorial/]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[OWASP Injection Flaws]]></Database>
          <URL><![CDATA[http://www.owasp.org/index.php/Injection_Flaws]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[How to check for SQL injection vulnerabilities]]></Database>
          <URL><![CDATA[http://www.acunetix.com/websitesecurity/sql-injection2/]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[SQL Injection Walkthrough]]></Database>
          <URL><![CDATA[http://www.securiteam.com/securityreviews/5DP0N1P76E.html]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[OWASP PHP Top 5]]></Database>
          <URL><![CDATA[http://www.owasp.org/index.php/PHP_Top_5]]></URL>
        </Reference>
       </References>
      </ReportItem>

      <ReportItem id="46" color="blue">
       <Name><![CDATA[Login page password-guessing attack]]></Name>
       <ModuleName><![CDATA[Scripting (Html_Authentication_Audit.script)]]></ModuleName>
       <Details><![CDATA[The scanner tested 10 invalid credentials and no account lockout was detected.]]></Details>
       <Affects><![CDATA[/signup.aspx]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[low]]></Severity>
       <Type><![CDATA[Validation]]></Type>
       <Impact><![CDATA[An attacker may attempt to discover a weak password by systematically trying every possible combination of letters, numbers, and symbols until it discovers the one correct combination that works.]]></Impact>
       <Description><![CDATA[A common threat web developers face is a password-guessing attack known as a brute force attack. A brute-force attack is an attempt to discover a password by systematically trying every possible combination of letters, numbers, and symbols until you discover the one correct combination that works. <br/><br/>

This login page doesn't have any protection against password-guessing attacks (brute force attacks). It's recommended to implement some type of account lockout after a defined number of incorrect password attempts. Consult Web references for more information about fixing this problem. ]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[It's recommended to implement some type of account lockout after a defined number of incorrect password attempts. ]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[POST /signup.aspx HTTP/1.1
Content-Length: 1060
Content-Type: application/x-www-form-urlencoded
Referer: http://testaspnet.vulnweb.com:80/
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

btnSignup=Sign%20me%20up&amp;tbPassword=wIwclpQE&amp;tbUsername=XRr9zg25&amp;__EVENTARGUMENT=&amp;__EVENTTARGET=&amp;__EVENTVALIDATION=/wEWWgKJ%2b8rsBQLStq24BwK3jsrkBALF97vxAQKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMe7zvcGDW1XEmT%2bKc/cai9hiHVyk%3d&amp;__VIEWSTATE=/wEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZHEZ3VN6SP/C2xESDN/Y3p8zhfSB]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:29:02 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=tbbbkxq40eiyvn45c0scehya; path=/; HttpOnly
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12242
]]></Response>
       </TechnicalDetails>
       <References>
        <Reference>
          <Database><![CDATA[Blocking Brute Force Attacks]]></Database>
          <URL><![CDATA[http://www.owasp.org/index.php/Blocking_Brute_Force_Attacks]]></URL>
        </Reference>
       </References>
      </ReportItem>

      <ReportItem id="47" color="red">
       <Name><![CDATA[SQL injection (verified)]]></Name>
       <ModuleName><![CDATA[Scripting (Sql_Injection.script)]]></ModuleName>
       <Details><![CDATA[URL encoded GET input <b><font color="dark">id</font></b> was set to <b><font color="dark">1ACUSTART'&quot;tR4ngACUEND</font></b>]]></Details>
       <Affects><![CDATA[/readnews.aspx]]></Affects>
       <Parameter><![CDATA[id]]></Parameter>
       <AOP_SourceFile><![CDATA[C:\Websites\AspNet\readnews.aspx]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[SQL query: SELECT NewsDate, NewsTitle, NewsLong, AuthorId FROM news WHERE NewsId=1ACUSTART'&quot;tR4ngACUEND

Stack trace:
 Method: Void Page_Load(System.Object, System.EventArgs)
 Method: Void OnLoad(System.EventArgs)
 Method: Void LoadRecursive()
 Method: Void ProcessRequestMain(Boolean, Boolean)
 Method: Void ProcessRequest(Boolean, Boolean)
 Method: Void ProcessRequest()
 Method: Void ProcessRequest(System.Web.HttpContext)
 Method: Void ProcessRequest(System.Web.HttpContext)
 Method: Void System.Web.HttpApplication.IExecutionStep.Execute()
 Method: System.Exception ExecuteStep(IExecutionStep, Boolean ByRef)
 Method: Void ResumeSteps(System.Exception)
 Method: System.IAsyncResult System.Web.IHttpAsyncHandler.BeginProcessRequest(System.Web.HttpContext, System.AsyncCallback, System.Object)
 Method: Void ProcessRequestInternal(System.Web.HttpWorkerRequest)
 Method: Void ProcessRequestNoDemand(System.Web.HttpWorkerRequest)
 Method: Int32 ProcessRequest(IntPtr, Int32)]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[high]]></Severity>
       <Type><![CDATA[Validation]]></Type>
       <Impact><![CDATA[An attacker may execute arbitrary SQL statements on the vulnerable system. This may compromise the integrity of your database and/or expose sensitive information. <br/><br/>Depending on the back-end database in use, SQL injection vulnerabilities lead to varying levels of data/system access for the attacker. It may be possible to not only manipulate existing queries, but to UNION in arbitrary data, use sub selects, or append additional queries. In some cases, it may be possible to read in or write out to files, or to execute shell commands on the underlying operating system.<br/><br/>Certain SQL Servers such as Microsoft SQL Server contain stored and extended procedures (database server functions). If an attacker can obtain access to these procedures it may be possible to compromise the entire machine.]]></Impact>
       <Description><![CDATA[This script is possibly vulnerable to SQL Injection attacks.<br/><br/>
SQL injection is a vulnerability that allows an attacker to alter back-end SQL statements by manipulating the user input. An SQL injection occurs when web applications accept user input that is directly placed into a SQL statement and doesn't properly filter out dangerous characters. <br/> <br/> This is one of the most common application layer attacks currently being used on the Internet.  Despite the fact that it is relatively easy to protect against, there is a large number of web applications vulnerable.]]></Description>
       <DetailedInformation><![CDATA[<i>Quote from  SQL Injection Attacks by Example - http://www.unixwiz.net/techtips/sql-injection.html</i>
<h2>SQL injection mitigations</h2>

<p>We believe that web application developers often simply do not think about &quot;surprise inputs&quot;, but security people do (including the bad guys), so there are three broad approaches that can be applied here.</p>

<h2>Sanitize the input</h2>
<p>It's absolutely vital to sanitize user inputs to insure that they do not contain dangerous codes, whether to the SQL server or to HTML itself. One's first idea is to strip out &quot;bad stuff&quot;, such as quotes or semicolons or escapes, but this is a misguided attempt. Though it's easy to point out some dangerous characters, it's harder to point to all of them.</p>
<p>The language of the web is full of special characters and strange markup (including alternate ways of representing the same characters), and efforts to authoritatively identify all &quot;bad stuff&quot; are unlikely to be successful.</p>
<p>Instead, rather than &quot;remove known bad data&quot;, it's better to &quot;remove everything but known good data&quot;: this distinction is crucial. Since - in our example - an email address can contain only these characters: </p>
<code><pre wrap="virtual">
    abcdefghijklmnopqrstuvwxyz
    ABCDEFGHIJKLMNOPQRSTUVWXYZ
    0123456789
    @.-_+
</pre></code>

<p>There is really no benefit in allowing characters that could not be valid, and rejecting them early - presumably with an error message - not only helps forestall SQL Injection, but also catches mere typos early rather than stores them into the database. </p>

<p>Be aware that &quot;sanitizing the input&quot; doesn't mean merely &quot;remove the quotes&quot;, because even &quot;regular&quot; characters can be troublesome. In an example where an integer ID value is being compared against the user input (say, a numeric PIN): </p>
<code><pre wrap="virtual">
    SELECT fieldlist
      FROM table
     WHERE id = 23 OR 1=1;  -- Boom! Always matches!
</pre></code>
<p>In practice, however, this approach is highly limited because there are so few fields for which it's possible to outright exclude many of the dangerous characters. For &quot;dates&quot; or &quot;email addresses&quot; or &quot;integers&quot; it may have merit, but for any kind of real application, one simply cannot avoid the other mitigations. </p>

<h2>Escape/Quotesafe the input</h2>
<p>Even if one might be able to sanitize a phone number or email address, one cannot take this approach with a &quot;name&quot; field lest one wishes to exclude the likes of Bill O'Reilly from one's application: a quote is simply a valid character for this field.</p>
<p>One includes an actual single quote in an SQL string by putting two of them together, so this suggests the obvious - but wrong! - technique of preprocessing every string to replicate the single quotes:</p>
<code><pre wrap="virtual">
    SELECT fieldlist
      FROM customers
     WHERE name = 'Bill O''Reilly';  -- works OK
</pre></code>    
<p>However, this naive approach can be beaten because most databases support other string escape mechanisms. MySQL, for instance, also permits \' to escape a quote, so after input of \'; DROP TABLE users; -- is &quot;protected&quot; by doubling the quotes, we get: </p>
<code><pre wrap="virtual">
    SELECT fieldlist
      FROM customers
     WHERE name = '\''; DROP TABLE users; --';  -- Boom!
</pre></code>    
<p>The expression '\'' is a complete string (containing just one single quote), and the usual SQL shenanigans follow. It doesn't stop with backslashes either: there is Unicode, other encodings, and parsing oddities all hiding in the weeds to trip up the application designer.</p>
<p>Getting quotes right is notoriously difficult, which is why many database interface languages provide a function that does it for you. When the same internal code is used for &quot;string quoting&quot; and &quot;string parsing&quot;, it's much more likely that the process will be done properly and safely.</p>
<p>Some examples are the MySQL function <b>mysql_real_escape_string()</b> and perl DBD method <b>$dbh-&gt;quote($value)</b>. These methods must be used. </p>

<h2>Use bound parameters (the PREPARE statement)</h2>
<p>Though quotesafing is a good mechanism, we're still in the area of &quot;considering user input as SQL&quot;, and a much better approach exists: bound parameters, which are supported by essentially all database programming interfaces. In this technique, an SQL statement string is created with placeholders - a question mark for each parameter - and it's compiled (&quot;prepared&quot;, in SQL parlance) into an internal form. Later, this prepared query is &quot;executed&quot; with a list of parameters: </p>

<b>Example in perl</b>
<code><pre wrap="virtual">    $sth = $dbh-&gt;prepare(&quot;SELECT email, userid FROM members WHERE email = ?;&quot;);
    $sth-&gt;execute($email);
</pre></code> 
<p>Thanks to Stefan Wagner, this demonstrates bound parameters in Java: </p>

<b>Insecure version</b>
<code><pre wrap="virtual">    Statement s = connection.createStatement();
    ResultSet rs = s.executeQuery(&quot;SELECT email FROM member WHERE name = &quot;
                                 + formField); // *boom*
</pre></code> 

<p><b>Secure version</b></p>
<code><pre wrap="virtual">    PreparedStatement ps = connection.prepareStatement(
        &quot;SELECT email FROM member WHERE name = ?&quot;);
    ps.setString(1, formField);
    ResultSet rs = ps.executeQuery();
</pre></code> 

<p>Here, $email is the data obtained from the user's form, and it is passed as positional parameter #1 (the first question mark), and at no point do the contents of this variable have anything to do with SQL statement parsing. Quotes, semicolons, backslashes, SQL comment notation - none of this has any impact, because it's &quot;just data&quot;. There simply is nothing to subvert, so the application is largely immune to SQL injection attacks.</p>
 
<p>There also may be some performance benefits if this prepared query is reused multiple times (it only has to be parsed once), but this is minor compared to the enormous security benefits. This is probably the single most important step one can take to secure a web application. </p>

<h2>Limit database permissions and segregate users</h2>
<p>In the case at hand, we observed just two interactions that are made not in the context of a logged-in user: &quot;log in&quot; and &quot;send me password&quot;. The web application ought to use a database connection with the most limited rights possible: query-only access to the members table, and no access to any other table.</p>
<p>The effect here is that even a &quot;successful&quot; SQL injection attack is going to have much more limited success. Here, we'd not have been able to do the UPDATE request that ultimately granted us access, so we'd have had to resort to other avenues.</p>
<p>Once the web application determined that a set of valid credentials had been passed via the login form, it would then switch that session to a database connection with more rights.</p>
<p>It should go almost without saying that sa rights should never be used for any web-based application.</p>

<h2>Use stored procedures for database access</h2>
<p>When the database server supports them, use stored procedures for performing access on the application's behalf, which can eliminate SQL entirely (assuming the stored procedures themselves are written properly). </p>
<p>By encapsulating the rules for a certain action - query, update, delete, etc. - into a single procedure, it can be tested and documented on a standalone basis and business rules enforced (for instance, the &quot;add new order&quot; procedure might reject that order if the customer were over his credit limit). </p>
<p>For simple queries this might be only a minor benefit, but as the operations become more complicated (or are used in more than one place), having a single definition for the operation means it's going to be more robust and easier to maintain. </p>
<p><i>Note: </i>it's always possible to write a stored procedure that itself constructs a query dynamically: this provides no protection against SQL Injection - it's only proper binding with prepare/execute or direct SQL statements with bound variables that provide this protection. </p>

<h2>Isolate the webserver</h2>
<p>Even having taken all these mitigation steps, it's nevertheless still possible to miss something and leave the server open to compromise. One ought to design the network infrastructure to assume that the bad guy will have full administrator access to the machine, and then attempt to limit how that can be leveraged to compromise other things. </p>
<p>For instance, putting the machine in a DMZ with extremely limited pinholes &quot;inside&quot; the network means that even getting complete control of the webserver doesn't automatically grant full access to everything else. This won't stop everything, of course, but it makes it a lot harder. </p>

<h2>Configure error reporting</h2>
<p>The default error reporting for some frameworks includes developer debugging information, and this cannot be shown to outside users. Imagine how much easier a time it makes for an attacker if the full query is shown, pointing to the syntax error involved. </p>
<p>This information is useful to developers, but it should be restricted - if possible - to just internal users. </p>]]></DetailedInformation>
       <Recommendation><![CDATA[Your script should filter metacharacters from user input. Note that the detailed information explains why filtering alone is not sufficient: prefer bound parameters (prepared statements) so that user input is never parsed as part of the SQL statement. <br/>Check detailed information for more information about fixing this vulnerability.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[POST /readnews.aspx?id=1ACUSTART'%22tR4ngACUEND&amp;NewsAd=ads/def.html HTTP/1.1
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect: enabled
Content-Length: 10791
Content-Type: application/x-www-form-urlencoded
Referer: http://testaspnet.vulnweb.com:80/
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

__EVENTARGUMENT=&amp;__EVENTTARGET=&amp;__EVENTVALIDATION=/wEWVwKO/ffgDgKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMTuBuYk15KvnzAGnqqPk6tDbzR0Y%3d&amp;__VIEWSTATE=/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2bYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWuNzxwPjxzdHJvbmc%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%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2bPGJyIC8%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%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%2bRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2bPGJyIC8%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%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%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%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgI
CAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc%2bPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2bP
GxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2bIDwvdWw%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2bPGJyIC8%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%2bPGJyIC8%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%2bPGJyIC8%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%2bIGQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkNCSZh%2buMoCTcXGDfVu5D5CfxA7Y%3d]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:29:34 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 29377
]]></Response>
       </TechnicalDetails>
       <References>
        <Reference>
          <Database><![CDATA[Acunetix SQL Injection Attack]]></Database>
          <URL><![CDATA[http://www.acunetix.com/websitesecurity/sql-injection.htm]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[VIDEO: SQL Injection tutorial]]></Database>
          <URL><![CDATA[http://www.acunetix.com/blog/web-security-zone/video-sql-injection-tutorial/]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[OWASP Injection Flaws]]></Database>
          <URL><![CDATA[http://www.owasp.org/index.php/Injection_Flaws]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[How to check for SQL injection vulnerabilities]]></Database>
          <URL><![CDATA[http://www.acunetix.com/websitesecurity/sql-injection2/]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[SQL Injection Walkthrough]]></Database>
          <URL><![CDATA[http://www.securiteam.com/securityreviews/5DP0N1P76E.html]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[OWASP PHP Top 5]]></Database>
          <URL><![CDATA[http://www.owasp.org/index.php/PHP_Top_5]]></URL>
        </Reference>
       </References>
      </ReportItem>

      <ReportItem id="48" color="red">
       <Name><![CDATA[Blind SQL Injection]]></Name>
       <ModuleName><![CDATA[Scripting (Blind_Sql_Injection.script)]]></ModuleName>
       <Details><![CDATA[URL encoded GET input <b><font color="dark">id</font></b> was set to <b><font color="dark">-1; waitfor delay '0:0:0' -- </font></b><br/><br/>Tests performed: <ul><li>-1; waitfor delay '0:0:6' --  =&gt; <b>6.271 s</b></li><li>-1; waitfor delay '0:0:3' --  =&gt; <b>3.276 s</b></li><li>-1; waitfor delay '0:0:0' --  =&gt; <b>0.39 s</b></li><li>-1; waitfor delay '0:0:9' --  =&gt; <b>9.282 s</b></li><li>-1; waitfor delay '0:0:0' --  =&gt; <b>0.265 s</b></li><li>-1; waitfor delay '0:0:0' --  =&gt; <b>0.265 s</b></li><li>-1; waitfor delay '0:0:0' --  =&gt; <b>0.281 s</b></li><li>-1; waitfor delay '0:0:6' --  =&gt; <b>6.755 s</b></li><li>-1; waitfor delay '0:0:0' --  =&gt; <b>0.764 s</b></li></ul><br/> Original value: <b>2</b>]]></Details>
       <Affects><![CDATA[/readnews.aspx]]></Affects>
       <Parameter><![CDATA[id]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[high]]></Severity>
       <Type><![CDATA[Validation]]></Type>
       <Impact><![CDATA[An attacker may execute arbitrary SQL statements on the vulnerable system. This may compromise the integrity of your database and/or expose sensitive information. <br/><br/>Depending on the back-end database in use, SQL injection vulnerabilities lead to varying levels of data/system access for the attacker. It may be possible to not only manipulate existing queries, but to UNION in arbitrary data, use sub selects, or append additional queries. In some cases, it may be possible to read in or write out to files, or to execute shell commands on the underlying operating system.<br/><br/>Certain SQL Servers such as Microsoft SQL Server contain stored and extended procedures (database server functions). If an attacker can obtain access to these procedures it may be possible to compromise the entire machine.]]></Impact>
       <Description><![CDATA[This script is possibly vulnerable to SQL Injection attacks.<br/><br/>
SQL injection is a vulnerability that allows an attacker to alter back-end SQL statements by manipulating the user input. An SQL injection occurs when web applications accept user input that is directly placed into a SQL statement and doesn't properly filter out dangerous characters. <br/> <br/> This is one of the most common application layer attacks currently being used on the Internet.  Despite the fact that it is relatively easy to protect against, there is a large number of web applications vulnerable.]]></Description>
       <DetailedInformation><![CDATA[<i>Quote from  SQL Injection Attacks by Example - http://www.unixwiz.net/techtips/sql-injection.html</i>
<h2>SQL injection mitigations</h2>

<p>We believe that web application developers often simply do not think about &quot;surprise inputs&quot;, but security people do (including the bad guys), so there are three broad approaches that can be applied here.</p>

<h2>Sanitize the input</h2>
<p>It's absolutely vital to sanitize user inputs to insure that they do not contain dangerous codes, whether to the SQL server or to HTML itself. One's first idea is to strip out &quot;bad stuff&quot;, such as quotes or semicolons or escapes, but this is a misguided attempt. Though it's easy to point out some dangerous characters, it's harder to point to all of them.</p>
<p>The language of the web is full of special characters and strange markup (including alternate ways of representing the same characters), and efforts to authoritatively identify all &quot;bad stuff&quot; are unlikely to be successful.</p>
<p>Instead, rather than &quot;remove known bad data&quot;, it's better to &quot;remove everything but known good data&quot;: this distinction is crucial. Since - in our example - an email address can contain only these characters: </p>
<code><pre wrap="virtual">
    abcdefghijklmnopqrstuvwxyz
    ABCDEFGHIJKLMNOPQRSTUVWXYZ
    0123456789
    @.-_+
</pre></code>

<p>There is really no benefit in allowing characters that could not be valid, and rejecting them early - presumably with an error message - not only helps forestall SQL Injection, but also catches mere typos early rather than stores them into the database. </p>

<p>Be aware that &quot;sanitizing the input&quot; doesn't mean merely &quot;remove the quotes&quot;, because even &quot;regular&quot; characters can be troublesome. In an example where an integer ID value is being compared against the user input (say, a numeric PIN): </p>
<code><pre wrap="virtual">
    SELECT fieldlist
      FROM table
     WHERE id = 23 OR 1=1;  -- Boom! Always matches!
</pre></code>
<p>In practice, however, this approach is highly limited because there are so few fields for which it's possible to outright exclude many of the dangerous characters. For &quot;dates&quot; or &quot;email addresses&quot; or &quot;integers&quot; it may have merit, but for any kind of real application, one simply cannot avoid the other mitigations. </p>

<h2>Escape/Quotesafe the input</h2>
<p>Even if one might be able to sanitize a phone number or email address, one cannot take this approach with a &quot;name&quot; field lest one wishes to exclude the likes of Bill O'Reilly from one's application: a quote is simply a valid character for this field.</p>
<p>One includes an actual single quote in an SQL string by putting two of them together, so this suggests the obvious - but wrong! - technique of preprocessing every string to replicate the single quotes:</p>
<code><pre wrap="virtual">
    SELECT fieldlist
      FROM customers
     WHERE name = 'Bill O''Reilly';  -- works OK
</pre></code>    
<p>However, this naive approach can be beaten because most databases support other string escape mechanisms. MySQL, for instance, also permits \' to escape a quote, so after input of \'; DROP TABLE users; -- is &quot;protected&quot; by doubling the quotes, we get: </p>
<code><pre wrap="virtual">
    SELECT fieldlist
      FROM customers
     WHERE name = '\''; DROP TABLE users; --';  -- Boom!
</pre></code>    
<p>The expression '\'' is a complete string (containing just one single quote), and the usual SQL shenanigans follow. It doesn't stop with backslashes either: there is Unicode, other encodings, and parsing oddities all hiding in the weeds to trip up the application designer.</p>
<p>Getting quotes right is notoriously difficult, which is why many database interface languages provide a function that does it for you. When the same internal code is used for &quot;string quoting&quot; and &quot;string parsing&quot;, it's much more likely that the process will be done properly and safely.</p>
<p>Some examples are the MySQL function <b>mysql_real_escape_string()</b> and perl DBD method <b>$dbh-&gt;quote($value)</b>. These methods must be used. </p>

<h2>Use bound parameters (the PREPARE statement)</h2>
<p>Though quotesafing is a good mechanism, we're still in the area of &quot;considering user input as SQL&quot;, and a much better approach exists: bound parameters, which are supported by essentially all database programming interfaces. In this technique, an SQL statement string is created with placeholders - a question mark for each parameter - and it's compiled (&quot;prepared&quot;, in SQL parlance) into an internal form. Later, this prepared query is &quot;executed&quot; with a list of parameters: </p>

<b>Example in perl</b>
<code><pre wrap="virtual">    $sth = $dbh-&gt;prepare(&quot;SELECT email, userid FROM members WHERE email = ?;&quot;);
    $sth-&gt;execute($email);
</pre></code> 
<p>Thanks to Stefan Wagner, this demonstrates bound parameters in Java: </p>

<b>Insecure version</b>
<code><pre wrap="virtual">    Statement s = connection.createStatement();
    ResultSet rs = s.executeQuery(&quot;SELECT email FROM member WHERE name = &quot;
                                 + formField); // *boom*
</pre></code> 

<p><b>Secure version</b></p>
<code><pre wrap="virtual">    PreparedStatement ps = connection.prepareStatement(
        &quot;SELECT email FROM member WHERE name = ?&quot;);
    ps.setString(1, formField);
    ResultSet rs = ps.executeQuery();
</pre></code> 

<p>Here, $email is the data obtained from the user's form, and it is passed as positional parameter #1 (the first question mark), and at no point do the contents of this variable have anything to do with SQL statement parsing. Quotes, semicolons, backslashes, SQL comment notation - none of this has any impact, because it's &quot;just data&quot;. There simply is nothing to subvert, so the application is largely immune to SQL injection attacks.</p>
 
<p>There also may be some performance benefits if this prepared query is reused multiple times (it only has to be parsed once), but this is minor compared to the enormous security benefits. This is probably the single most important step one can take to secure a web application. </p>

<h2>Limit database permissions and segregate users</h2>
<p>In the case at hand, we observed just two interactions that are made not in the context of a logged-in user: &quot;log in&quot; and &quot;send me password&quot;. The web application ought to use a database connection with the most limited rights possible: query-only access to the members table, and no access to any other table.</p>
<p>The effect here is that even a &quot;successful&quot; SQL injection attack is going to have much more limited success. Here, we'd not have been able to do the UPDATE request that ultimately granted us access, so we'd have had to resort to other avenues.</p>
<p>Once the web application determined that a set of valid credentials had been passed via the login form, it would then switch that session to a database connection with more rights.</p>
<p>It should go almost without saying that sa rights should never be used for any web-based application.</p>

<h2>Use stored procedures for database access</h2>
<p>When the database server supports them, use stored procedures for performing access on the application's behalf, which can eliminate SQL entirely (assuming the stored procedures themselves are written properly). </p>
<p>By encapsulating the rules for a certain action - query, update, delete, etc. - into a single procedure, it can be tested and documented on a standalone basis and business rules enforced (for instance, the &quot;add new order&quot; procedure might reject that order if the customer were over his credit limit). </p>
<p>For simple queries this might be only a minor benefit, but as the operations become more complicated (or are used in more than one place), having a single definition for the operation means it's going to be more robust and easier to maintain. </p>
<p><i>Note: </i>it's always possible to write a stored procedure that itself constructs a query dynamically: this provides no protection against SQL Injection - it's only proper binding with prepare/execute or direct SQL statements with bound variables that provide this protection. </p>

<h2>Isolate the webserver</h2>
<p>Even having taken all these mitigation steps, it's nevertheless still possible to miss something and leave the server open to compromise. One ought to design the network infrastructure to assume that the bad guy will have full administrator access to the machine, and then attempt to limit how that can be leveraged to compromise other things. </p>
<p>For instance, putting the machine in a DMZ with extremely limited pinholes &quot;inside&quot; the network means that even getting complete control of the webserver doesn't automatically grant full access to everything else. This won't stop everything, of course, but it makes it a lot harder. </p>

<h2>Configure error reporting</h2>
<p>The default error reporting for some frameworks includes developer debugging information, and this cannot be shown to outside users. Imagine how much easier a time it makes for an attacker if the full query is shown, pointing to the syntax error involved. </p>
<p>This information is useful to developers, but it should be restricted - if possible - to just internal users. </p>]]></DetailedInformation>
       <Recommendation><![CDATA[Your script should filter metacharacters from user input. Note that the detailed information explains why filtering alone is not sufficient: prefer bound parameters (prepared statements) so that user input is never parsed as part of the SQL statement. <br/>Check detailed information for more information about fixing this vulnerability.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[POST /readnews.aspx?id=-1;%20waitfor%20delay%20'0:0:0'%20--%20&amp;NewsAd=ads/def.html HTTP/1.1
Content-Length: 10791
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Referer: http://testaspnet.vulnweb.com:80/
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

__EVENTARGUMENT=&amp;__EVENTTARGET=&amp;__EVENTVALIDATION=/wEWVwKO/ffgDgKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMTuBuYk15KvnzAGnqqPk6tDbzR0Y%3d&amp;__VIEWSTATE=/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2bYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWuNzxwPjxzdHJvbmc%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%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2bPGJyIC8%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%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%2bRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2bPGJyIC8%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%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%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%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgI
CAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc%2bPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2bP
GxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2bIDwvdWw%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2bPGJyIC8%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%2bPGJyIC8%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%2bPGJyIC8%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%2bIGQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkNCSZh%2buMoCTcXGDfVu5D5CfxA7Y%3d]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:29:42 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 29398
]]></Response>
       </TechnicalDetails>
       <References>
        <Reference>
          <Database><![CDATA[Acunetix SQL Injection Attack]]></Database>
          <URL><![CDATA[http://www.acunetix.com/websitesecurity/sql-injection.htm]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[VIDEO: SQL Injection tutorial]]></Database>
          <URL><![CDATA[http://www.acunetix.com/blog/web-security-zone/video-sql-injection-tutorial/]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[OWASP Injection Flaws]]></Database>
          <URL><![CDATA[http://www.owasp.org/index.php/Injection_Flaws]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[How to check for SQL injection vulnerabilities]]></Database>
          <URL><![CDATA[http://www.acunetix.com/websitesecurity/sql-injection2/]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[SQL Injection Walkthrough]]></Database>
          <URL><![CDATA[http://www.securiteam.com/securityreviews/5DP0N1P76E.html]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[OWASP PHP Top 5]]></Database>
          <URL><![CDATA[http://www.owasp.org/index.php/PHP_Top_5]]></URL>
        </Reference>
       </References>
      </ReportItem>

      <ReportItem id="49" color="orange">
       <Name><![CDATA[Cross frame scripting]]></Name>
       <ModuleName><![CDATA[Scripting (XFS_and_Redir.script)]]></ModuleName>
       <Details><![CDATA[URL encoded GET input <b><font color="dark">NewsAd</font></b> was set to <b><font color="dark">http://www.acunetix.tst</font></b>]]></Details>
       <Affects><![CDATA[/readnews.aspx]]></Affects>
       <Parameter><![CDATA[NewsAd]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[medium]]></Severity>
       <Type><![CDATA[Validation]]></Type>
       <Impact><![CDATA[Malicious users may poison a frame allowing them to conduct phishing attacks.]]></Impact>
       <Description><![CDATA[This script is possibly vulnerable to Cross Frame Scripting (XFS) attacks.<br/><br/>XFS is an attack technique in which a page is made to load attacker-controlled content inside a frame, so that a user is tricked into thinking the fake content is legitimate data from the site. In this case the scanner supplied an external URL in the NewsAd parameter and received a normal response, which suggests NewsAd is used as a frame or link target without a check that it points to a trusted location. ]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[Your script should filter metacharacters from user input. For a value that ends up in a frame src or link href, filtering alone is not sufficient: validate the supplied value against an allowlist of expected relative paths or trusted hosts and reject anything else, rather than attempting to strip characters from an arbitrary URL.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[POST /readnews.aspx?id=2&amp;NewsAd=http://www.acunetix.tst HTTP/1.1
Content-Length: 10791
Content-Type: application/x-www-form-urlencoded
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

__EVENTARGUMENT=&amp;__EVENTTARGET=&amp;__EVENTVALIDATION=/wEWVwKO/ffgDgKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMTuBuYk15KvnzAGnqqPk6tDbzR0Y%3d&amp;__VIEWSTATE=/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2bYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWuNzxwPjxzdHJvbmc%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%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2bPGJyIC8%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%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%2bRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoY
XMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%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%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY
3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc%2bPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2bPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2bIDwvdWw%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2bPGJyIC8%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%2bPGJyIC8%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%2bPGJyIC8%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%2bIGQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkNCSZh%2buMoCTcXGDfVu5D5CfxA7Y%3d]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:29:42 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 29338
]]></Response>
       </TechnicalDetails>
       <References>
        <Reference>
          <Database><![CDATA[Cross Frame Scripting]]></Database>
          <URL><![CDATA[https://www.owasp.org/index.php/Cross_Frame_Scripting]]></URL>
        </Reference>
       </References>
      </ReportItem>

      <ReportItem id="50" color="red">
       <Name><![CDATA[Cross site scripting (verified)]]></Name>
       <ModuleName><![CDATA[Scripting (XSS.script)]]></ModuleName>
       <Details><![CDATA[URL encoded GET input <b><font color="dark">NewsAd</font></b> was set to <b><font color="dark">javascript:prompt(974652);</font></b><br/>The input is reflected inside A tag href parameter, a FORM tag action parameter or (I)FRAME src parameter.<br/>]]></Details>
       <Affects><![CDATA[/readnews.aspx]]></Affects>
       <Parameter><![CDATA[NewsAd]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[high]]></Severity>
       <Type><![CDATA[Validation]]></Type>
       <Impact><![CDATA[Malicious users may inject JavaScript, VBScript, ActiveX, HTML or Flash into a vulnerable application to fool a user in order to gather data from them.
An attacker can steal the session cookie and take over the account, impersonating the user. Note that the ASP.NET_SessionId cookie observed elsewhere in this scan is set with the HttpOnly flag, so injected script cannot read it directly via document.cookie; the script can still issue authenticated requests from the victim's browser and capture credentials or other data entered on the page.
It is also possible to modify the content of the page presented to the user.
]]></Impact>
       <Description><![CDATA[This script is vulnerable to Cross Site Scripting (XSS) attacks; the scanner marks this finding as verified rather than merely possible.<br/><br/>
Cross site scripting (also referred to as XSS) is a vulnerability that allows an attacker to send malicious code (usually in the form of JavaScript) to another user.
Because a browser cannot know if the script should be trusted or not, it will execute the script in the user's context, allowing the attacker to access any cookies or session tokens retained by the browser that are not marked HttpOnly, and to act on the site as that user. ]]></Description>
       <DetailedInformation><![CDATA[<i>Quote from The Cross Site Scripting FAQ - http://www.cgisecurity.com/articles/xss-faq.shtml </i> 

<h2>Introduction</h2>

<p>Websites today are more complex than ever, containing a lot of dynamic content making the experience for the user more enjoyable. Dynamic content is achieved through the use of web applications which can deliver different output to a user depending on their settings and needs. Dynamic websites suffer from a threat that static websites don't, called &quot;Cross Site Scripting&quot; (or XSS dubbed by other security professionals). Currently small informational tidbits about Cross Site Scripting holes exist but none really explain them to an average person or administrator. This FAQ was written to provide a better understanding of this emerging threat, and to give guidance on detection and prevention.</p>

<h2>&quot;What is Cross Site Scripting?&quot;</h2>

<p>Cross site scripting (also known as XSS) occurs when a web application gathers malicious data from a user. The data is usually gathered in the form of a hyperlink which contains malicious content within it. The user will most likely click on this link from another website, instant message, or simply just reading a web board or email message. Usually the attacker will encode the malicious portion of the link to the site in HEX (or other encoding methods) so the request is less suspicious looking to the user when clicked on. After the data is collected by the web application, it creates an output page for the user containing the malicious data that was originally sent to it, but in a manner to make it appear as valid content from the website. Many popular guestbook and forum programs allow users to submit posts with html and javascript embedded in them. If for example I was logged in as &quot;john&quot; and read a message by &quot;joe&quot; that contained malicious javascript in it, then it may be possible for &quot;joe&quot; to hijack my session just by reading his bulletin board post. Further details on how attacks like this are accomplished via &quot;cookie theft&quot; are explained in detail below.</p>

<h2>&quot;What does XSS and CSS mean?&quot;</h2>

<p>Often people refer to Cross Site Scripting as CSS. There has been a lot of confusion with Cascading Style Sheets (CSS) and cross site scripting. Some security people refer to Cross Site Scripting as XSS. If you hear someone say &quot;I found a XSS hole&quot;, they are talking about Cross Site Scripting for certain.</p>


<h2>&quot;What are the threats of Cross Site Scripting?&quot;</h2>

<p>Often attackers will inject JavaScript, VBScript, ActiveX, HTML, or Flash into a vulnerable application to fool a user (Read below for further details) in order to gather data from them. Everything from account hijacking, changing of user settings, cookie theft/poisoning, or false advertising is possible. New malicious uses are being found every day for XSS attacks. The post below by Brett Moore brings up a good point with regard to &quot;Denial Of Service&quot;, and potential &quot;auto-attacking&quot; of hosts if a user simply reads a post on a message board.</p>

<h2>&quot;What can I do to protect myself as a vendor?&quot;</h2>

<p>This is a simple answer. Never trust user input and always filter metacharacters. This will eliminate the majority of XSS attacks. Converting &lt; and &gt; to &amp;lt; and &amp;gt; is also suggested when it comes to script output. Remember XSS holes can be damaging and costly to your business if abused. Often attackers will disclose these holes to the public, which can erode customer and public confidence in the security and privacy of your organization's site. Filtering &lt; and &gt; alone will not solve all cross site scripting attacks and it is suggested you also attempt to filter out ( and ) by translating them to &amp;#40; and &amp;#41;, and also # and &amp; by translating them to &amp;#35 (#) and &amp;#38 (&amp;).</p>

<h2>&quot;What can I do to protect myself as a user?&quot;</h2>

<p>The easiest way to protect yourself as a user is to only follow links from the main website you wish to view. If you visit one website and it links to CNN for example, instead of clicking on it visit CNN's main site and use its search engine to find the content. This will probably eliminate ninety percent of the problem. Sometimes XSS can be executed automatically when you open an email, email attachment, read a guestbook, or bulletin board post. If you plan on opening an email, or reading a post on a public board from a person you don't know BE CAREFUL. One of the best ways to protect yourself is to turn off Javascript in your browser settings. In IE turn your security settings to high. This can prevent cookie theft, and in general is a safer thing to do.</p>

<h2>&quot;How common are XSS holes?&quot;</h2>

<p>Cross site scripting holes are gaining popularity among hackers as easy holes to find in large websites. Websites from FBI.gov, CNN.com, Time.com, Ebay, Yahoo, Apple computer, Microsoft, Zdnet, Wired, and Newsbytes have all had one form or another of XSS bugs.</p>

<p>Every month roughly 10-25 XSS holes are found in commercial products and advisories are published explaining the threat.</p>


<h2>&quot;Does encryption protect me?&quot;</h2>

<p>Websites that use SSL (https) are in no way more protected than websites that are not encrypted. The web applications work the same way as before, except the attack is taking place in an encrypted connection. People often think that because they see the lock on their browser it means everything is secure. This just isn't the case.</p>


<h2>&quot;Can XSS holes allow command execution?&quot;</h2>

<p>XSS holes can allow Javascript insertion, which may allow for limited execution. If an attacker were to exploit a browser flaw (browser hole) it could then be possible to execute commands on the client's side. If command execution were possible it would only be possible on the client side. In simple terms XSS holes can be used to help exploit other holes that may exist in your browser.</p>


<h2>&quot;What if I don't feel like fixing a CSS/XSS Hole?&quot;</h2>

<p>By not fixing an XSS hole this could allow possible user account compromise in portions of your site as they get added or updated. Cross Site Scripting has been found in various large sites recently and have been widely publicized. Left unrepaired, someone may discover it and publish a warning about your company. This may damage your company's reputation, depicting it as being lax on security matters. This of course also sends the message to your clients that you aren't dealing with every problem that arises, which turns into a trust issue. If your client doesn't trust you why would they wish to do business with you?</p>]]></DetailedInformation>
       <Recommendation><![CDATA[Your script should filter metacharacters from user input. Note that the payload used here (javascript:prompt(974652);) contains no HTML metacharacters, because the value is reflected into a URL attribute (an A href, FORM action or (I)FRAME src). For that context, validate the scheme of the supplied value (allow only http, https or a relative path) and reject anything else, then HTML-attribute-encode the value when writing it into the page.]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[POST /readnews.aspx?id=2&amp;NewsAd=javascript:prompt(974652); HTTP/1.1
Content-Length: 10791
Content-Type: application/x-www-form-urlencoded
Referer: http://testaspnet.vulnweb.com:80/
Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

__EVENTARGUMENT=&amp;__EVENTTARGET=&amp;__EVENTVALIDATION=/wEWVwKO/ffgDgKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMTuBuYk15KvnzAGnqqPk6tDbzR0Y%3d&amp;__VIEWSTATE=/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2bYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWuNzxwPjxzdHJvbmc%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%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2bPGJyIC8%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%2bNTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGl
uamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2bRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2bPGJyIC8%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%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%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%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%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%2bPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2bPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2bIDwvdWw%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2bPGJyIC8%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%2bPGJyIC8%2bICAgICA
gICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2bPGJyIC8%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%2bIGQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkNCSZh%2buMoCTcXGDfVu5D5CfxA7Y%3d]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:29:49 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 29346
]]></Response>
       </TechnicalDetails>
       <References>
        <Reference>
          <Database><![CDATA[Acunetix Cross Site Scripting Attack]]></Database>
          <URL><![CDATA[http://www.acunetix.com/websitesecurity/cross-site-scripting.htm]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[VIDEO: How Cross-Site Scripting (XSS) Works]]></Database>
          <URL><![CDATA[http://www.acunetix.com/blog/web-security-zone/video-how-cross-site-scripting-xss-works/]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[The Cross Site Scripting Faq]]></Database>
          <URL><![CDATA[http://www.cgisecurity.com/xss-faq.html]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[OWASP Cross Site Scripting]]></Database>
          <URL><![CDATA[http://www.owasp.org/index.php/Cross_Site_Scripting]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[XSS Annihilation]]></Database>
          <URL><![CDATA[http://ha.ckers.org/blog/20060602/xss-annihilation/]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[XSS Filter Evasion Cheat Sheet]]></Database>
          <URL><![CDATA[https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[Cross site scripting]]></Database>
          <URL><![CDATA[http://en.wikipedia.org/wiki/Cross-site_scripting ]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[OWASP PHP Top 5]]></Database>
          <URL><![CDATA[http://www.owasp.org/index.php/PHP_Top_5]]></URL>
        </Reference>
        <Reference>
          <Database><![CDATA[How To: Prevent Cross-Site Scripting in ASP.NET]]></Database>
          <URL><![CDATA[http://msdn.microsoft.com/en-us/library/ms998274.aspx]]></URL>
        </Reference>
       </References>
      </ReportItem>

      <ReportItem id="51" color="blue">
       <Name><![CDATA[Login page password-guessing attack]]></Name>
       <ModuleName><![CDATA[Scripting (Html_Authentication_Audit.script)]]></ModuleName>
       <Details><![CDATA[The scanner tested 10 invalid credentials and no account lockout was detected. Note that this is a small sample: a lockout threshold above 10 attempts, or throttling based on source IP rather than on the account, would not have been detected by this test.]]></Details>
       <Affects><![CDATA[/login.aspx]]></Affects>
       <Parameter><![CDATA[]]></Parameter>
       <AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
       <AOP_SourceLine>0</AOP_SourceLine>
       <AOP_Additional><![CDATA[]]></AOP_Additional>
       <IsFalsePositive><![CDATA[False]]></IsFalsePositive>
       <Severity><![CDATA[low]]></Severity>
       <Type><![CDATA[Validation]]></Type>
       <Impact><![CDATA[An attacker may attempt to discover a weak password by systematically trying every possible combination of letters, numbers, and symbols until it discovers the one correct combination that works.]]></Impact>
       <Description><![CDATA[A common threat web developers face is a password-guessing attack known as a brute force attack. A brute-force attack is an attempt to discover a password by systematically trying every possible combination of letters, numbers, and symbols (or, more commonly, a list of likely passwords) until the correct one is found. <br/><br/>

During this scan the login page showed no protection against password-guessing attacks (brute force attacks). It's recommended to implement some type of account lockout or rate limiting after a defined number of incorrect password attempts. Consult Web references for more information about fixing this problem. ]]></Description>
       <DetailedInformation><![CDATA[]]></DetailedInformation>
       <Recommendation><![CDATA[It's recommended to implement some type of account lockout after a defined number of incorrect password attempts. Because a permanent lockout lets an attacker deny service to legitimate users simply by submitting wrong passwords for their accounts, prefer a temporary lockout or progressive delay, combined with per-source rate limiting, a CAPTCHA after repeated failures, and logging and alerting on bursts of failed logins. ]]></Recommendation>
       <TechnicalDetails>
        <Request><![CDATA[POST /login.aspx?ReturnUrl=/postnews.aspx HTTP/1.1
Content-Length: 1134
Content-Type: application/x-www-form-urlencoded
Referer: http://testaspnet.vulnweb.com:80/
Host: testaspnet.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

btnLogin=Login&amp;tbPassword=TKVH3aFE&amp;tbUsername=P4aR2fQn&amp;__EVENTARGUMENT=&amp;__EVENTTARGET=&amp;__EVENTVALIDATION=/wEWWwLeys6NCALStq24BwK3jsrkBALtuvfLDQKC3IeGDAKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMvX3f25exzUvBo2CmzE01Tn1QOss%3d&amp;__VIEWSTATE=/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W%2bw%2b8Zj9n0mGriLs0UbfzYNdg%3d%3d]]></Request>
        <Response><![CDATA[HTTP/1.1 200 OK
Date: Thu, 14 Nov 2013 14:30:12 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=o1beqzbkvjzjod55ou10xuna; path=/; HttpOnly
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12355
]]></Response>
       </TechnicalDetails>
       <References>
        <Reference>
          <Database><![CDATA[Blocking Brute Force Attacks]]></Database>
          <URL><![CDATA[http://www.owasp.org/index.php/Blocking_Brute_Force_Attacks]]></URL>
        </Reference>
       </References>
      </ReportItem>
		</ReportItems>
 </Scan>
</ScanGroup>
