%5c类的漏洞 in asp/asp.NET

Microsoft宣布ASP.NET可能存在漏洞,涉及“规范化”功能。特制请求可能使ASP.Net混淆,允许访问受保护目录。URL中斜杠、反斜杠替换或插入空格可能绕过限制,文中还给出了相关详细信息文章链接。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

%5c类的 漏洞在asp不再复述 我们看看 它在asp.net下的问题

 

Microsoft ASP.NET vulnerability (updated Oct. 7th)

Microsoft announced a possible vulnerability in ASP.NET (http://www.microsoft.com/security/incident/aspnet.mspx ). There are not much details so far, but it refers to the "canonicalization" functionality and suggest to implement then hardening measures outlined in KB887459 (http://support.microsoft.com/?kbid=887459 ).

It appears that a particularly crafted request may confuse ASP.Net and allow access to otherwise protected directories.

If a web server receives a request for a particular URL (e.g. _http://server/somedirectory/filename), the 'somedirectory/filename' part has to be mapped to a particular file located on the server. This translation has been the source of many "directory traversal" bugs. The IIS unicode exploit is probably the most famous one.

After our original posting of this diary, a few users pointed to the following articles which provide more details then provided by Microsoft's advisory:
(Thanks to Chaouki & Daniel)

http://www.heise.de/security/news/meldung/51730 (german)
http://www.derkeiler.com/Mailing-Lists/NT-Bugtraq/2004-09/0068.html
http://blogs.devleap.com/rob/archive/2004/10/02/1803.aspx (italian)
http://www.k-otik.com/news/10052004.ASPNETFlaw.php (french)

It appears that by switching a '/' character in the URL with '/' or '%5C', the canonicalization routine will be confused. So if the URL:
http://www.example.com/secure/file.apx
is password protected, using the either of the following URLs will bypass the restriction:
http://www.example.com/secure/file.apx
http://www.example.com/secure%5Cfile.apx

In addition to the slash/back-slash confusion, one reader reports that inserting a space will bypass the URL restriction as well:
http://www.example.com/%20/secure/file.apx
(had no chance to validate this method so far)

突破二级目录
..%5c

### GitFileSystemProvider 中文件未找到问题分析 当遇到 `GitFileSystemProvider` 报错提示 `stat File not found error solution COMMIT_EDITMSG.git` 时,这通常表明在操作过程中尝试访问的文件不存在或者路径不正确。以下是可能的原因及其解决方案: #### 可能原因及解决办法 1. **COMMIT_EDITMSG 文件缺失** - 在 Git 的工作流程中,`COMMIT_EDITMSG` 是用于存储当前提交消息的一个临时文件。如果该文件丢失,则可能是由于某些异常中断(如强制关闭终端或程序崩溃)导致。 - 解决方案:可以通过重新初始化提交来恢复此文件。运行以下命令以创建一个新的提交编辑消息文件: ```bash git commit --allow-empty-message --edit ``` 2. **路径配置错误** - 如果 `GitFileSystemProvider` 配置的工作区路径设置不正确,可能会导致无法定位到 `.git/COMMIT_EDITMSG` 文件。 - 检查并确认当前仓库根目录是否被正确定位。可以使用以下命令验证当前所在仓库路径: ```bash git rev-parse --show-toplevel ``` 此命令会返回顶层仓库目录的位置。 3. **缓存清理不足** - 当前索引状态可能存在冲突或其他损坏情况,建议清除本地暂存区域后再重试。 - 使用如下命令清空缓存并将更改标记为忽略: ```bash git rm -r --cached . echo ".git/" >> .gitignore git add .gitignore git commit -m "Update .gitignore" ``` 4. **插件兼容性问题** - 若正在使用的 IDE 或工具集中的 Git 插件存在 bug,也可能引发此报错。更新至最新版本或将环境切换回原生 CLI 工具测试可帮助排除干扰因素[^2]。 5. **历史记录混乱** - 存在复杂的分支合并场景下容易出现资源定位失败的情况。查看是否有未解决的冲突文件残留影响正常运作: ```bash git status ``` 并按照指示处理所有标注出来的 unmerged 路径项直至完全 clean state[^3]。 --- ### 示例代码片段展示如何修复部分常见状况 下面提供一段简单的脚本来自动化检测与修正基本层面的问题: ```python import os import subprocess def check_git_repo(): try: result = subprocess.run(['git', 'rev-parse', '--is-inside-work-tree'], stdout=subprocess.PIPE, stderr=subprocess.STDOUT) if b'true' in result.stdout: print("Inside a valid Git repository.") fix_missing_commit_editmsg() else: print("Not inside any Git repo or invalid setup detected!") except Exception as e: print(f"Error occurred while checking: {e}") def fix_missing_commit_editmsg(): base_dir = subprocess.check_output(['git', 'rev-parse', '--show-toplevel']).strip().decode('utf-8') edit_msg_path = os.path.join(base_dir, '.git', 'COMMIT_EDITMSG') if not os.path.exists(edit_msg_path): print("Missing COMMIT_EDITMSG file... Attempting recreation...") subprocess.call(['git', 'commit', '--allow-empty-message', '--edit']) if __name__ == "__main__": check_git_repo() ``` --- ###
评论 1
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值