Handling MAC protected ViewState

0 votes
Hi. I am studying a web application built using ASP.NET and want to check if the ViewState is used to send any sensitive information to the server. I have discovered that it uses a ViewState with MAC protection. How can I decode this protection?
Aug 23, 2019 in Cyber Security & Ethical Hacking by Rimmi
 496 views

1 answer to this question.

0 votes

You can use BurpSuite for this. When you capture the traffic from the web application, you can use the ViewState Parser provided in Burpsuite to check for the ViewState structure. This will disclose if there is any data being sent to the server through ViiewState. And then it is upto you to decide whether the data is sensitive enough or not. 

answered Aug 23, 2019 by Juna

Related Questions In Cyber Security & Ethical Hacking

+1 vote
2 answers

Error changing Mac address: SIOCSIFHWADDR: Cannot assign requested address

I can see that you are trying ...READ MORE

answered Feb 7, 2019 in Cyber Security & Ethical Hacking by Omkar
 • 69,210 points 19,311 views
0 votes
1 answer

How to find MAC address using IP address?

To find the MAC address, run this ...READ MORE

answered Feb 9, 2019 in Cyber Security & Ethical Hacking by Omkar
 • 69,210 points 2,049 views
0 votes
1 answer

difference between mac address and ip address

MAC Address IP Address MAC Address stands for Media ...READ MORE

answered Feb 8, 2022 in Cyber Security & Ethical Hacking by Edureka
 • 13,620 points 679 views
0 votes
1 answer

Can I determine the current IP from a known MAC Address?

ARP may be used to retrieve an ...READ MORE

answered Feb 20, 2022 in Cyber Security & Ethical Hacking by Edureka
 • 12,690 points 424 views
0 votes
1 answer

How to identify Entry points for user input in a web application?

Following are the key entry points for ...READ MORE

answered Aug 22, 2019 in Cyber Security & Ethical Hacking by Raman
 1,782 views
0 votes
1 answer

Nonstandard query string markers and field separators in a web application

You should definitely consider them as entry ...READ MORE

answered Aug 22, 2019 in Cyber Security & Ethical Hacking by Likith
 478 views
–1 vote
1 answer

Out-of-band channels for entry points in web application hacking

The out-of-band channels for entry depends on ...READ MORE

answered Aug 22, 2019 in Cyber Security & Ethical Hacking by Daniel
 676 views
0 votes
1 answer

Finding platform or programming language used in web application by file extension

Yes. It is possible to understand the ...READ MORE

answered Aug 22, 2019 in Cyber Security & Ethical Hacking by Will
 808 views
0 votes
1 answer

How to check if MAC Protection is enabled for ViewState in ASP.NET application?

You can check if the ViewState is ...READ MORE

answered Aug 23, 2019 in Cyber Security & Ethical Hacking by Tina
 2,180 views
0 votes
1 answer

Nikto scan: Handling site returning custom file not found page

This is common with complex websites. To handle ...READ MORE

answered Aug 21, 2019 in Cyber Security & Ethical Hacking by Krimisha
 853 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP
"PMP®","PMI®", "PMI-ACP®" and "PMBOK®" are registered marks of the Project Management Institute, Inc. MongoDB®, Mongo and the leaf logo are the registered trademarks of MongoDB, Inc.