Home/ Questions/Q 797255
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-14T22:46:28+00:00

I have a problem with my ASP.NET website, it got hacked. One hacker found

  • 0

I have a problem with my ASP.NET website, it got hacked. One hacker found a bug in my login system and he can login with every account he wants, even if the account is normal user, moderator or administrator. He can delete everything he wants.

Please can anyone help me, tell me if there is any vulnerable function or something

P.S. I’m not myself an ASP.NET programmer, I know only PHP, so please tell me exactly what I need to edit in the code, because I don’t know ASP.NET at all.

ThanksAS

    public void loginButton_Click(object sender, EventArgs e)
{
    string username = nicknameTextBox.Text;
    string password = passwordTextBox.Text;

    string returnUrl = Request.QueryString["returnUrl"];
    if (returnUrl == null) returnUrl = Convert.ToBase64String(Encoding.ASCII.GetBytes(Request.Url.ToString()));

    string message = CurrentPlayer.LoginRequest(username, password, returnUrl);

    if(message != null)
        Response.Redirect("AccountLogin.aspx?returnUrl=" + returnUrl);
}

LoginRequest:

public static string LoginRequest(string username, string password, string returnUrl)
{
    Player player = null;
    string message = InputValidator.CheckLoginRequest(username, password, out player);
    if (message != null) return message;

    message = LoginCookie.CheckLoginRequest(player);
    if (message != null) return message;

    SessionPlayer sessionPlayer = new SessionPlayer(
            player.ID, player.ActivationGuid, (PlayerRole)player.IdRole, 
            player.Nickname, player.CreationDate);        
    SessionMessages sessionMessages = new SessionMessages(player.ID);
    SessionOwnedCounts ownedCounts = new SessionOwnedCounts(player.ID);
    SessionGuestCounts guestCounts = new SessionGuestCounts(player.ID);
    SessionMatchCounts matchCounts = new SessionMatchCounts(player.ID);

    CurrentPlayer.Login(sessionPlayer, sessionMessages, ownedCounts, guestCounts, matchCounts);
    Player.UpdateLastLogin(player.ID);

    returnUrl = Encoding.ASCII.GetString(Convert.FromBase64String(returnUrl));
    HttpContext.Current.Response.Redirect(returnUrl);

    return null;
}[/code]

Login:

     private static void Login(SessionPlayer player, SessionMessages messages, SessionOwnedCounts ownedCounts, SessionGuestCounts guestCounts, SessionMatchCounts matchCounts)
{
    HttpContext.Current.Session["player"] = player;
    HttpContext.Current.Session["messages"] = messages;
    HttpContext.Current.Session["ownedCounts"] = ownedCounts;
    HttpContext.Current.Session["guestCounts"] = guestCounts;
    HttpContext.Current.Session["matchCounts"] = matchCounts;
    if (LoginCookie.Exists() == false)
        LoginCookie.AddForFirstTime(player.Nickname, player.Guid);
    else
        LoginCookie.SetToLoginAction();
}

And checkloginrequest:

    public static string CheckLoginRequest(string username, string password, out Player player)
{
    player = null;

    object lastLoginTryDateObj = HttpContext.Current.Session["lastLoginTryDate"];
    if (lastLoginTryDateObj == null)
    {
        HttpContext.Current.Session["lastLoginTryDate"] = DateTime.Now;
        HttpContext.Current.Session["lastLoginTryCount"] = 1;
    }
    else
    {
        DateTime lastLoginTryDate = (DateTime)HttpContext.Current.Session["lastLoginTryDate"];
        int lastLoginTryCount = (int)HttpContext.Current.Session["lastLoginTryCount"];
        TimeSpan ts = DateTime.Now - lastLoginTryDate;
        if (ts.TotalSeconds < 60)
        {
            if (lastLoginTryCount >= Settings.AllowedLoginTriesPerMinute)
            {
                return "Ai depasit numarul maxim de incercari pe minut .<br/>Vino inapoi dupa " + (60 - (int)ts.TotalSeconds).ToString() + " secunde.";
            }
            else
            {
                HttpContext.Current.Session["lastLoginTryCount"] = lastLoginTryCount + 1;
            }
        }
        else
        {
            HttpContext.Current.Session["lastLoginTryDate"] = DateTime.Now;
            HttpContext.Current.Session["lastLoginTryCount"] = 1;
        }
    }

    player = Player.GetPlayer(username, password);
    if (player == null)
    {
        return "Usernameul si parola nu se potrivesc.";
    }
    if (player != null && player.IsActive == false)
    {
        return "Contul a fost creat dar nu e activat.<br/> Verifica mailul " + player.Email + " si activeaza-ti contul.";
    }

    PlayerSuspended ps = BLL.PlayerSuspended.SuspendedGet(player.ID);
    if (ps != null)
    {
        return "Contul tau e suspendat pana in data de " + ps.SuspendedEndDate.ToString("dd-MM-yyyy") + ".<br/>Motivul: " + ps.SuspendedReason;
    }

    return null;
}

GetPlayer:

     public static Player GetPlayer(string nickname, string password)
    {
        Player player = null;
        object[] values = DAL.Player.GetPlayer(nickname, password);

        if (values != null)
        {
            player = new Player();
            player.SetFromValues(values);
        }

        return player;
    }

DAL.Player.GetPlayer:

    public static object[] GetPlayer(string nickname, string password)
    {
        password = Convert.ToBase64String(Encoding.ASCII.GetBytes(password));

        List<SqlParameter> sqlParams = new List<SqlParameter>();
        sqlParams.Add(new SqlParameter("@Nickname", nickname));
        sqlParams.Add(new SqlParameter("@Password", password));

        return DataBase.GetFirstRow("[spPlayer.Get]", sqlParams);
    }
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Your site is vulnerable to session fixation

    Why are you not using asp.net forms authentication and membership?

    • 0