System.Web.HttpRequestValidationException: A potentially dangerous Request.Form

高手都来帮攻击攻击我做的网站，看有没漏洞，攻瘫痪了奖励100分
高手都来帮攻击攻击我做的网站，看有没漏洞，攻瘫痪了奖励100分

就这个页面
：http://qm-net.net/dingdan/yuding/hotel.aspx

请留下注入的地方，参数，我好调整

或者发到我邮箱：172619185@qq.com

先谢谢大家了

分不够再加

[解决办法]
看戏。
[解决办法]
嘿嘿，没能力的攻不进，有能力的不想攻～～～
[解决办法]
看看 jf
[解决办法]
帮顶！
[解决办法]
路过
[解决办法]
---->
[解决办法]
你服务器放在哪，我打车过去把它砸了，反正是你让攻击的
[解决办法]
分是王道
[解决办法]
地址都打不开！
[解决办法]

你要不公布源吗.大家才好找啊.

也许大家能很把更好的解决方法给你,还才你的程序才能更健壮
[解决办法]
试试！！
[解决办法]
你的验证是通过js！！
[解决办法]
Server Error in '/' Application.
--------------------------------------------

A potentially dangerous Request.Form value was detected from the client (txt_fname="<script>alert('dfghd...").
Description: Request Validation has detected a potentially dangerous client input value, and processing of the request has been aborted. This value may indicate an attempt to compromise the security of your application, such as a cross-site scripting attack. You can disable request validation by setting validateRequest=false in the Page directive or in the configuration section. However, it is strongly recommended that your application explicitly check all inputs in this case.

Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (txt_fname="<script>alert('dfghd...").

Source Error:

[No relevant source lines]

Source File: c:\windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\b2c32990\3dccb028\App_Web_sgvrqfj1.0.cs Line: 0

Stack Trace:

[HttpRequestValidationException (0x80004005): A potentially dangerous Request.Form value was detected from the client (txt_fname="<script>alert('dfghd...").]
System.Web.HttpRequest.ValidateString(String s, String valueName, String collectionName) +3307682
System.Web.HttpRequest.ValidateNameValueCollection(NameValueCollection nvc, String collectionName) +108
System.Web.HttpRequest.get_Form() +119
System.Web.HttpRequest.get_HasForm() +3309630
System.Web.UI.Page.GetCollectionBasedOnMethod(Boolean dontReturnNull) +45
System.Web.UI.Page.DeterminePostBackMode() +65
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +7350
System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +213
System.Web.UI.Page.ProcessRequest() +86
System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context) +18
System.Web.UI.Page.ProcessRequest(HttpContext context) +49

ASP.dingdan_yuding_hotel_aspx.ProcessRequest(HttpContext context) in c:\windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\b2c32990\3dccb028\App_Web_sgvrqfj1.0.cs:0
System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +358
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +64

--------------------------------------------
Version Information: Microsoft .NET Framework Version:2.0.50727.1433; ASP.NET Version:2.0.50727.1433
[解决办法]
屏蔽脚本攻击啊
[解决办法]
缺少很多验证啊！
[解决办法]
-_-!

随便试用了一下。

输入“'”马上报告“第 1 行: '1' 附近有语法错误。字符串 ')' 之前有未闭合的引号。 ”

很明显浑身是洞。
[解决办法]
你检查一下数据库多了多少非法数据吧。

[解决办法]
哈哈
[解决办法]
随便来段javascript就抱错，<script type="text/javascript">alert('a')</script>这个随便打在哪，点ok都报错
[解决办法]
第 1 行: '1' 附近有语法错误。

System.Web.HttpRequestValidationExc

热点推荐