Home > Website Builders > Cloud Servers

A brief discussion of the security of ASP based on my experience with the "hacker"

Source: Internet
Author: User
Keywords Hackers backstage security me with that encounter
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

Intermediary transaction http://www.aliyun.com/zixun/aggregation/6858.html ">seo diagnose Taobao guest cloud host technology Hall

I made a website, is a personal homepage, although not in the name of the individual, but it is only me to do this thing, I stand a set of back-Office system, with ASP, the host with the million nets, but yesterday I surf the internet, found that my investigation was changed, I thought it was my own input wrong. Quickly changed back, but after a while it was changed, but also changed more severe: The survey is, asked me to write a software is useful, I prepared the answer is:

Useful, helpful, completely useless,

He changed it to me: very useless, what help?

Also, I have a caption, said that my software is good, I certainly said that I am good, he has made me into a bunch of weeds, but the internet needs some weeds, and some personal attacks!

Also changed some of my column name, I am very angry.

Because my website is controlled by the backstage system, so I guess he went backstage.

I put a backstage demo in a subdirectory of my station, and the ASP page verification is a legitimate user is to determine whether the session of the password is null to achieve, so as long as the advanced subdirectory into the background of the demo, and then enter the background of the site file name may enter, So I deleted all the demo, but I found out that he was still doing the damage!

I have heard of the use of special code to do the password, but I did not try, also did not care, but did not want to go into other people's backstage, I think he is not using this method? So overnight change procedures, I think he will come again, put a test IP program, and check the content of his input program, It turned out that he had entered a ' or ' ' = ' into my website in the password, and I tried it myself,

So immediately started, so that every page test please password and the library to compare, finally, he did not come in! and improve the record log, note the "attack" type, time, IP, input characters, administrator access time, IP and so on. In my log, I left the exploits of that friend, who used ' or ' = with ' or '.

This article is provided by www.zydn.net

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
which of the following os is not based on linux the security of cloud computing which of the following is not a security product developer what is the goal of a database security system error on the side of what are the security features of linux what is the purpose of using javascript on a website
Related Article
The complete collection of SQL statement operations is worth ...
Some suggestions for improving SQL execution efficiency
A collection of sophisticated SQL statement techniques
3 Steps to address SQL injection pitfalls
SQL Optimization Experience Summary 34
Search results sorted by matching fields

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

Hot Article
Hot Tags
computing conference access forum computer class data get http html applications
Popular Keywords
html add blank space register business logo register ssl certificate full site sign in sign up node js build cloud register register a subdomain in python network management system tutorial how to learn computer science by myself

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More