I have a site that is made up of sevearl aspx pages. It was recently
attacked by sql injection. I downloaded the tool described here:
http://support.microsoft.com/kb/954476 but can't seem to run it correctly.
All the examples are for asp pages, not aspx pages. I tried to find a
similar tool for aspx with no luck. When I run the tool on one of my aspx
pages I get errors, not sql injection problems.
Here's an example from the readme.html file for the tool:
msscasi_asp.exe /input="c:\sourc e\logon.asp" /output="warning s.xml"
Here's one of the warnigns I get:
** msscasi_asp: Parse warning at C:\Inetpub\wwwr oot\MySite\logo n.aspx (line
2, column 94): Ignoring unexpected settings directive. Settings directive
must be unique and must be placed at the beginning of the file.
And there's nothing in my output file. It looks like this:
<?xml version="1.0" encoding="UTF-8"?>
<DEFECTS>
</DEFECTS>
<!--SEQ:0000000000-->
What do I do to run this on my aspx pages?
Can anyone help me out here? If I'm in the wrong newsgroup for this, please
tell me where I should post instead.
Thanks,
Keith
attacked by sql injection. I downloaded the tool described here:
http://support.microsoft.com/kb/954476 but can't seem to run it correctly.
All the examples are for asp pages, not aspx pages. I tried to find a
similar tool for aspx with no luck. When I run the tool on one of my aspx
pages I get errors, not sql injection problems.
Here's an example from the readme.html file for the tool:
msscasi_asp.exe /input="c:\sourc e\logon.asp" /output="warning s.xml"
Here's one of the warnigns I get:
** msscasi_asp: Parse warning at C:\Inetpub\wwwr oot\MySite\logo n.aspx (line
2, column 94): Ignoring unexpected settings directive. Settings directive
must be unique and must be placed at the beginning of the file.
And there's nothing in my output file. It looks like this:
<?xml version="1.0" encoding="UTF-8"?>
<DEFECTS>
</DEFECTS>
<!--SEQ:0000000000-->
What do I do to run this on my aspx pages?
Can anyone help me out here? If I'm in the wrong newsgroup for this, please
tell me where I should post instead.
Thanks,
Keith