Microsoft.AspNetCore.Mvc.Localization.LocalizedHtmlStringWhat's the obsession with -1'

What's the obsession with -1'

Printed from: Snitz™ Forums 2000
URL: https://forum.snitz.com/forumTopic/Posts/70898?pagenum=1
Printed on: 04 November 2025, 21:12

Topic

Author : bobby131313
Subject : What's the obsession with -1'
Posted : 16 February 2015, 15:58
Message :

Pretty much any file on my site that uses a numeric querystring is attempted to load with a -1' value. Always China, Pakistan, Turkey, etc. Hack attempts?

Replies ...

Reply Author: Carefree
Replied on: 18 February 2015, 01:18
Message:

Probably, but the default Snitz isn't vulnerable to that type of attack. Replacing numerical values (with the exception of "pop_profile.asp") with any negative numbers will simply redirect to "default.asp". To eliminate the error message report from "pop_profile.asp", you need to add 4 lines.

Code:


Search for the following lines (appx 141-143):

	case "display" '## Display Profile

		if strDBNTUserName = "" then

Between them, insert these:


		If Request("id") > "" Then
			If Not IsNumeric(Request("id")) Then Response.Redirect "default.asp"
			If (IsNumeric(Request("id")) And Request("id") < 1) Then Response.Redirect "default.asp"
		End If

Reply Author: bobby131313
Replied on: 18 February 2015, 20:08
Message:

Thanks Carefree.