Joe Kuemerle jkuemerle
jkuemerle
/ EncryptedTypeAttribute.cs
Created
August 30, 2012 03:12
Attribute to decorate the type declaration for a class that has auto encrypted properties
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Collections.Generic; | |
| using System.Security.Cryptography; | |
| using PostSharp.Aspects; | |
| using PostSharp.Aspects.Advices; | |
| using PostSharp.Aspects.Dependencies; | |
| namespace DataAccess.Aspects { | |
| [Serializable] |
jkuemerle
/ IEncrypted.cs
Created
August 30, 2012 03:00
IEncrypted interface for types that have auto encrypted properties
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| namespace DataAccess.Aspects | |
| { | |
| public interface IEncrypted | |
| { | |
| object AsClear(string Name); | |
| } | |
| } |
jkuemerle
/ Credential.cs
Created
August 30, 2012 02:54
Credential DTO with encrypted property attributes
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| namespace DataAccess.DTO | |
| { | |
| [Aspects.EncryptedType] | |
| public class Credential | |
| { | |
| public string LoginName { get; set; } | |
| [Aspects.Encrypted] | |
| public string Password { get; set; } |
jkuemerle
/ VerifyControllerAttribute.cs
Created
August 11, 2012 03:38
ASP.NET MVC Controller verification aspect
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.IO; | |
| using System.Web.Mvc; | |
| using PostSharp.Aspects; | |
| using PostSharp.Extensibility; | |
| namespace WebApplication.Aspects { | |
| [Serializable] | |
| public class VerifyControllerAttribute : TypeLevelAspect { |
jkuemerle
/ CSRFAttribute.cs
Created
August 8, 2012 16:07
CSRF Prevention Aspect for ASP.NET MVC and PostSharp
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.IO; | |
| using System.Linq; | |
| using System.Reflection; | |
| using System.Web.Mvc; | |
| using PostSharp.Aspects; | |
| using PostSharp.Extensibility; | |
| namespace WebApplication.Aspects |
jkuemerle
/ dancingfrog.html
Created
August 8, 2012 14:28
Dancing Frog Attack (exploits CSRF vulnerability)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <html> | |
| <head> | |
| <title>Dancing Frog!!!</title> | |
| </head> | |
| <body> | |
| <form name="evilform" method="post" action="http://elcheapo.com/Royalty/Edit"> | |
| <input type="hidden" id="RoyaltyPercent" name="RoyaltyPercent" type="text" value="99" /> | |
| <input id="AuthorID" name="AuthorID" type="hidden" value="213-46-8915" /> | |
| <input id="TitleID" name="TitleID" type="hidden" value="BU1032" /> | |
| </form> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System.Web.Mvc; | |
| namespace WebApplication.Controllers | |
| { | |
| public class RoyaltyController : Controller | |
| { | |
| public ActionResult Index() | |
| { | |
| return View(); | |
| } |
NewerOlder