MVC see input that caused exception

On occasion we get some robots that like to post bad information to our website (they are attempting some kind of reflection attack), but luckily for us the attempts are stopped via the default input validation that one gets with MVC.

This is nice and all, but now we want to see what the robots are actually sending and we would like to log that information. Sadly, when one gets an HttpRequestValidationException, the offending input is truncated to the point of being useless, a la:

A potentially dangerous.... (field = <a href=.....)

I am trying to use an action filter to detect these exceptions, and then create a log of all of the offending input so we can see what they are trying to send.

public void OnException(ExceptionContext filterContext)
{

    HttpRequestValidationException hex = filterContext.Exception as HttpRequestValidationException;
    if (hex == null) { return; }

    // Get the data.  This will explode throwing the same exception (HttpRequestValidationException).  Isn't there a way that we can get our hands on the information?

    string data = filterContext.HttpContext.Request.Form["field"];

....

This strikes me as odd and annoying because it seems that I now have no way of finding out what my attackers are really up to. Isn't there some way that I can get the information out of the form data without getting exceptions?

A.R. asked Aug 20 '14 20:08

1 Answer

Yes, you can. Use HttpRequest.SaveAs to save the entire (buffered) HTTP request to disk, which you can then read back.

Dai answered Oct 11 '22 12:10
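
The SaveAs approach from the answer, written as an MVC exception filter. This is an added example, not code from the question or the answer; the class name `LogRejectedRequestFilter` and the dump directory are assumptions.

```csharp
using System;
using System.Diagnostics;
using System.IO;
using System.Web;
using System.Web.Mvc;

// Added example: saves the raw request that tripped request validation.
public class LogRejectedRequestFilter : IExceptionFilter
{
    // Assumption: a directory outside the web root, writable by the
    // application pool identity and never served as static content.
    private const string DumpDirectory = @"D:\Logs\RejectedRequests";

    public void OnException(ExceptionContext filterContext)
    {
        if (!(filterContext.Exception is HttpRequestValidationException))
        {
            return;
        }

        try
        {
            Directory.CreateDirectory(DumpDirectory);

            // The file name is built only from server-side values, so
            // nothing the client sent can influence the path.
            string fileName = string.Format(
                "{0:yyyyMMdd-HHmmssfff}-{1:N}.txt", DateTime.UtcNow, Guid.NewGuid());
            string path = Path.Combine(DumpDirectory, fileName);

            // SaveAs writes the buffered request (request line, headers,
            // body) to disk instead of reading Request.Form["field"],
            // which is the access that rethrows in the question.
            // includeHeaders: true also records cookies and Authorization
            // headers, so treat the dump directory as sensitive data.
            filterContext.HttpContext.Request.SaveAs(path, includeHeaders: true);
        }
        catch (Exception ex)
        {
            // A logging failure must not mask the original validation error.
            Trace.TraceWarning("Could not save rejected request: " + ex.Message);
        }
    }
}
```

Register it once at startup with `GlobalFilters.Filters.Add(new LogRejectedRequestFilter());`. The saved files hold unencoded attacker-supplied markup, so open them in a plain text viewer, and cap or rotate the directory so a flood of rejected requests cannot fill the disk.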