ScriptResource error: am I being hacked? Hacking, error, ScriptResource

2023-09-03 11:24:00 Author: 王予冠首


I keep getting errors like this on one of my sites. It tends to happen randomly throughout the day and for periods in the night when I would not expect users on the site.

It is always from different IP addresses.

System.Web.HttpException: Invalid viewstate.
   at System.Web.UI.Page.DecryptStringWithIV(String s, IVType ivType)
   at System.Web.UI.Page.DecryptString(String s)

or

System.Security.Cryptography.CryptographicException: Padding is invalid and cannot be removed.
   at System.Security.Cryptography.RijndaelManagedTransform.DecryptData(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount, Byte[]& outputBuffer, Int32 outputOffset, PaddingMode paddingMode, Boolean fLast)
   at System.Security.Cryptography.RijndaelManagedTransform.TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount)
   at System.Security.Cryptography.CryptoStream.FlushFinalBlock()
   at System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, IVType ivType, Boolean useValidationSymAlgo)
   at System.Web.UI.Page.DecryptStringWithIV(String s, IVType ivType)
   at System.Web.UI.Page.DecryptString(String s)

They happen in this page:

 ScriptResource.axd?d=VVe1O4rzLSI9hB5nRzBXZxUYTQz6ylDTL9djGR

The site uses Ajax and runs on .NET 3.

Is this someone trying to hack into the site? Is it an error with the HTML on the site?

Any ideas?

Solution

I believe this error is caused by your ViewState being decrypted using an out-of-date ViewStateUserKey.

Removing these errors is a two-step process:

1. Ensure you have a site-specific validation key. You can use several online resources to generate one for you, such as this one.
2. Ensure the page's ViewStateUserKey is always consistent. From the MSDN documentation:

Setting the ViewStateUserKey property can help you prevent attacks on your application from malicious users. It does this by allowing you to assign an identifier to the view-state variable for individual users so that they cannot use the variable to generate an attack. You can set this property to any string value, such as the user's session ID or the user's authenticated name.

You can do this by setting it yourself (perhaps in your Page or base Page's Init event):

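// Run this in Page_Init (or the base page's Init handler), before view state is loaded.
if (Session["ViewStateUserKey"] == null)
{
    // Guid.NewGuid() produces a random per-session value; new Guid() is always the all-zero GUID.
    Session["ViewStateUserKey"] = Guid.NewGuid().ToString();
}
this.Page.ViewStateUserKey = Session["ViewStateUserKey"].ToString();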

And no, I don't think you're being hacked.
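
The question's observation that the failures always come from different IP addresses can be checked against the IIS log. The following is an added example, not part of the original question or answer: it groups failed ScriptResource.axd requests by client and counts the distinct d values each one sent. The sample log lines are constructed, and the HTTP 500 status for the failure and the threshold of 3 distinct values are assumptions.

```python
from collections import defaultdict
from urllib.parse import parse_qs

# Constructed sample in IIS W3C extended format (documentation-range addresses).
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
2024-01-15 02:11:07 198.51.100.7 GET /ScriptResource.axd d=AAAA1111&t=1 500
2024-01-15 02:40:19 203.0.113.25 GET /ScriptResource.axd d=BBBB2222&t=1 500
2024-01-15 03:02:51 192.0.2.44 GET /ScriptResource.axd d=CCCC3333&t=1 200
2024-01-15 03:05:00 192.0.2.90 GET /ScriptResource.axd d=DDDD0001 500
2024-01-15 03:05:01 192.0.2.90 GET /ScriptResource.axd d=DDDD0002 500
2024-01-15 03:05:02 192.0.2.90 GET /ScriptResource.axd d=DDDD0003 500
"""

def parse_w3c(text):
    """Yield one dict per request, taking column names from the #Fields directive."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # skip truncated or malformed rows
                yield dict(zip(fields, values))

def failed_script_resource(records):
    """Map client IP -> set of distinct d= values that ended in HTTP 500 (assumed status)."""
    tokens = defaultdict(set)
    for r in records:
        is_handler = r["cs-uri-stem"].lower().endswith("scriptresource.axd")
        if is_handler and r["sc-status"] == "500":
            d = parse_qs(r["cs-uri-query"]).get("d", [""])[0]
            tokens[r["c-ip"]].add(d)
    return tokens

def triage(text, threshold=3):
    """Summarise failures; threshold is an assumed cut-off, tune it for your traffic."""
    tokens = failed_script_resource(parse_w3c(text))
    repeat = sorted(ip for ip, seen in tokens.items() if len(seen) >= threshold)
    return {"clients_with_failures": len(tokens), "repeat_clients": repeat}

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

Isolated failures spread over many addresses match what the question describes; a single address failing with many different d values is the pattern worth a closer look.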