Is AJAX hackable? - ASP.NET Forums

Home ›

ASP.NET Forums » ASP.NET AJAX » ASP.NET AJAX Discussion and Suggestions » Is AJAX hackable?

Shortcuts

Previous Next

Is AJAX hackable?

Last post 11-22-2006 5:29 PM by Luis Abreu. 2 replies.

Sort Posts:

Is AJAX hackable?

11-22-2006, 8:43 AM

Contact

Reply

10 point Member
thomask
Member since 10-26-2006, 6:47 AM
Posts 14

Hi - I recently experienced a hacker attack on my web site. Someone calling themselves "core-project" managed to replace my index.html file with their own. After I got the site on-line again, the hacked index.html was gone!?

I have absolutely no idea how they managed to break in, but I was told that the hackers might exploit some of the script technologies on the site. Since I am using AJAX (beta 1) I was wondering if any of these scripts might used to perform a break-in on the server. The passwords I use are fairly strong so I doubt they guessed it.

Any comments?

Cheers

Thomas

Filed under: ajax

Re: Is AJAX hackable?

11-22-2006, 2:29 PM

Contact

Reply

17,710 point All-Star
vivek_iit
Member since 06-18-2006, 6:13 PM
New Delhi
Posts 3,171

Hi Thomas,

AJAX has some security issues to watch out for. Check this article(pdf) for details:

http://digg.com/tech_news/Hacking_AJAX

Also, try to find out about your hackers by parsing log files on the server, and use a firewall (ZoneAlarm is free)

HTH,

Vivek

CodeASP.NET Community

Communifire: Social Networking and Business Collaboration Platform

Re: Is AJAX hackable?

11-22-2006, 5:29 PM

Contact

Reply

25,662 point All-Star
Luis Abreu
Member since 02-12-2005, 1:22 AM
Madeira [Portugal]
Posts 5,368

hello,

and is there any thing which isn't? :)

--
Regards,
Luis Abreu
email: labreu_at_gmail.com
EN blog:http://msmvps.com/blogs/luisabreu

Page 1 of 1 (3 items)

RSS Available

Contact | Advertise | Issue Management by Axosoft's OnTime | Running IIS7
All Rights Reserved. | Terms of Use | Trademarks | Privacy Statement
© 2009 Microsoft Corporation.

Channel 9

Channel 9: Nikolaj Bjørner and Leonardo de Moura: The Z3 Constraint Solver

Channel 9

Channel 9: MEF & Silverlight 4 Beta - Part 1, Introduction

WindowsClient

WindowsClient: The (Near) Final Word on Multi-Monitor Taskbars for Windows 7 - Ultramon vs. DisplayFusion

WindowsClient

WindowsClient: Looking back at 2009, and forward to 2010

Silverlight

Silverlight: Polling Video – A Viable sub-second alternative?

TechNet Edge

TechNet Edge: Windows Server 2008 R2 Quick Look #2 - Active Directory Recycle Bin

Channel 10

Channel 10: I'm a Windows 7 PC Themes

Channel 10

Channel 10: 24 Years of Windows Box Art

WindowsClient

WindowsClient: Silverlight tutorial: HOW TO build CommandLink Control in Silverlight with Expression Blend 3 and Behaviors

ASP.NET

ASP.NET: Converting an RGB Color To Hex With JavaScript

Silverlight

Silverlight: Silverlight HVP Design – Configuration & Scenarios

Channel 9

Channel 9: Channel 9 Live at PDC09: Day 3 Welcome

Channel 9

Channel 9: Channel 9 Live at PDC09: TWoC9 Day 3

Channel 10

Channel 10: Microsoft's Mobicast: Stiched Cell Streams

Channel 10

Channel 10: Festive Bing

TechNet Edge

TechNet Edge: How Microsoft Reduces Operational Risk through Business Continuity Management

Channel 9

Channel 9: Jeffrey Van Gogh and Bart De Smet: Inside System.Interactive

WindowsClient

WindowsClient: Runtime Fault Injection using TestAPI

TechNet Edge

TechNet Edge: TechNet Radio: Community Corner with John Weston (Episode 1)

TechNet Edge

TechNet Edge: Windows Firestarter Events (Part 3 of 5): IE8 - Browse the Web in Style!

Microsoft Communities