Geek Answers Handbook

ScriptResource error: have I been hacked?

I keep getting such errors on one of my sites. It tends to occur randomly during the day at any time during night periods when I do not expect users to be on the site.

It is always from different IP addresses.

System.Web.HttpException: Invalid ViewState. in System.Web.UI.Page.DecryptStringWithIV (String s, IVType ivType) with System.Web.UI.Page.DecryptString (String c)

or

System.Security.Cryptography.CryptographicException: Invalid padding and cannot be deleted. in System.Security.Cryptography.RijndaelManagedTransform.DecryptData (byte [] inputBuffer, Int32 inputOffset, Int32 inputCount, Byte [] & OUTPUTBUFFER, Int32 outputOffset, PaddingMode paddingMode, Boolean fLast) with System.Security.CryptographyTformndij ] inputBuffer, Int32 inputOffset, Int32 inputCount) in System.Security.Cryptography.CryptoStream.FlushFinalBlock () in System.Web.Configuration.MachineKeySection.EncryptOrDecryptData (Boolean fEncrypt, Byte [] buf, int32 startte modifier [32], mod32 startte , IVType ivType, Boolean useValidationSymAlgo) in System.Web.UI.Page.DecryptStringWithIV (String s, IVType ivType) with System.Web.UI.Page.DecryptString (String c)

They occur on this page:

ScriptResource.axd?d=VVe1O4rzLSI9hB5nRzBXZxUYTQz6ylDTL9djGR

Users of the Ajax site also work on .NET 3.

Is someone trying to hack a site? Is this a bug with html on the site?

Any ideas?

+7
source share
1 answer

I believe this error is caused by the decryption of your ViewState using an obsolete ViewStateUserKey.

Removing these errors is a two-step process:

  • Make sure you have a site verification key. You can use several online resources to generate one of them, for example this one .
  • Make sure the ViewStateUserKey page is always consistent. From the MSDN documentation:

Setting the ViewStateUserKey property can help you prevent attacks on your application from malicious users. It does this by letting you assign the identifier of the view state variable to individual users so that they cannot use the variable to generate an attack. You can set this property for any string value, such as a user session identifier or an authenticated user name.

You can do this by setting it yourself (possibly in your Page or basic Page Init event):

 if (Session["ViewStateUserKey"] == null) { Session["ViewStateUserKey"] = new Guid().ToString(); } this.Page.ViewStateUserKey = Session["ViewStateUserKey"].ToString();

And no, I don’t think you were hacked.

+5
source share

More articles:


All Articles