iis

Using ssl with localhost with asp.net mvc 5 on VS2015

蹲街弑〆低调 提交于 2021-02-19 05:54:28
问题 I'm trying to test my website locally using SSL with IIS Express. It has the following properties set: SSL Enabled set to 'true' SSL URL is set https://localhost:44354/ But whenever I open the https address, I get the following error: In "Microsoft Edge": In Google Chrome: I've read article after articles, including some on SO but to no avail. I've tried the following: I've deleted my IIS Express Development Certificate I've repaired IIS Express 10 via the Control Panel I've removed the

How to deny Embedded user agents accessing Authorization Server

∥☆過路亽.° 提交于 2021-02-19 05:52:33
问题 I am using authorization code flow with PKCE, and would like to deny access to Authorization Server if the client is using an embedded user agent. I am using IdentityServer 4 for authorization server, and Asp.net core 2.2 for the API, both running on IIS 8. I have search for solutions on how to deny embedded user agents on native application to access Authorization server, but I cant find any steps on how to implement/configure this. Is there anyone that could provide steps on how to deny

How to deny Embedded user agents accessing Authorization Server

萝らか妹 提交于 2021-02-19 05:52:16
问题 I am using authorization code flow with PKCE, and would like to deny access to Authorization Server if the client is using an embedded user agent. I am using IdentityServer 4 for authorization server, and Asp.net core 2.2 for the API, both running on IIS 8. I have search for solutions on how to deny embedded user agents on native application to access Authorization server, but I cant find any steps on how to implement/configure this. Is there anyone that could provide steps on how to deny

各种提权姿势总结

柔情痞子 提交于 2021-02-19 05:51:51
提权技巧 1.cmd拒绝访问就自己上传一个cmd.exe,自己上传的cmd是不限制后缀的,还可以是cmd.com cmd.txt cmd.rar等 2.net user不能执行有时候是net.exe被删除了,可以先试试net1,不行就自己上传一个net.exe 3.cmd执行exp没回显的解决方法:com路径那里输入exp路径 C:\RECYCLER\pr.exe ,命令那里清空(包括/c )输入 net user jianmei daxia /add 4.有时候因为监控而添加用户失败,试试上传抓取hash的工具,如PwDump7.exe,得到hash之后可以进行破解,建议重定向结果到保存为1.txt cmd /c c:\windows\temp\cookies\PwDump7.exe >1.txt ,在条件允许的情况下也可以用mimikatz直接抓明文 5.有时候权限很松,很多命令都可以执行,但是就是增加不上用户,这时候你就要考虑是不是因为密码过于简单或是过于复杂了 6.用wt.asp扫出来的目录,其中红色的文件可以替换成exp,执行命令时cmd那里输入替换的文件路径,下面清空双引号加增加用户的命令 7.有时候可以添加用户,但是添加不到管理组,有可能是administrators组改名了,使用命令 net user administrator 查看管理组的名字 8

“500 - Internal server error” when calling ASP .Net Core 2.1 Web API on Windows Server

守給你的承諾、 提交于 2021-02-19 04:32:38
问题 I have an ASP .Net Core 2.1 Web API which I've deployed to a new server we recently purchased (running Windows Server 2016 Standard). The API works perfectly on both my development PC and our old server (running Windows Server 2012 R2). But on this new server, I get this error: 500 - Internal server error. There is a problem with the resource you are looking for, and it cannot be displayed. I remember a year ago also struggling a lot trying to get it to run on our old server. I did eventually

Can't pass in “%26” to a WebGet UriTemplate variable in a WCF service?

亡梦爱人 提交于 2021-02-19 04:19:41
问题 I have a WCF service with this declared operation: [WebGet(UriTemplate = "Test/{*testString}")] public String Test(String testString) { return testString; } However when attempting to invoke the URL Test/You%26Me , IIS returns an error: A potentially dangerous Request.Path value was detected from the client (&). My goal is to allow an ampersand in the URI via its URL-Encoding: %26 The wildcard did not help. Is there any way to prevent this error without disabling security features? 回答1: Try

Can't pass in “%26” to a WebGet UriTemplate variable in a WCF service?

房东的猫 提交于 2021-02-19 04:19:06
问题 I have a WCF service with this declared operation: [WebGet(UriTemplate = "Test/{*testString}")] public String Test(String testString) { return testString; } However when attempting to invoke the URL Test/You%26Me , IIS returns an error: A potentially dangerous Request.Path value was detected from the client (&). My goal is to allow an ampersand in the URI via its URL-Encoding: %26 The wildcard did not help. Is there any way to prevent this error without disabling security features? 回答1: Try

Detecting/Diagnosing Thread Starvation

大兔子大兔子 提交于 2021-02-18 20:17:39
问题 I am doing some performance/scalability testing of an IIS application that occasionally seems to slow down to a crawl in production. I'm able to reproduce the slowness consistently using NUnit. CPU and Memory do not spike during the testing, or when the slowness occurs in production. My strong suspicion is that the application is suffering from thread starvation, since it does not appear to be CPU, Memory, I/O, or database access that is causing the bottleneck. I do see signs of what appear

Detecting/Diagnosing Thread Starvation

荒凉一梦 提交于 2021-02-18 20:13:39
问题 I am doing some performance/scalability testing of an IIS application that occasionally seems to slow down to a crawl in production. I'm able to reproduce the slowness consistently using NUnit. CPU and Memory do not spike during the testing, or when the slowness occurs in production. My strong suspicion is that the application is suffering from thread starvation, since it does not appear to be CPU, Memory, I/O, or database access that is causing the bottleneck. I do see signs of what appear

Detecting/Diagnosing Thread Starvation

假如想象 提交于 2021-02-18 20:13:34
问题 I am doing some performance/scalability testing of an IIS application that occasionally seems to slow down to a crawl in production. I'm able to reproduce the slowness consistently using NUnit. CPU and Memory do not spike during the testing, or when the slowness occurs in production. My strong suspicion is that the application is suffering from thread starvation, since it does not appear to be CPU, Memory, I/O, or database access that is causing the bottleneck. I do see signs of what appear