emily-bcot
Reputation: 1
why hackers can decrypt my encrypted Connection String in web.config(C#)
My application is on the shared Hosting.I've encrypted my Connection String programmatically to make it secure. However, the hacker still is able to decrypt the encrpted Connection String adding scripts into the DB. Just wondering if there is a way to solve this problem? Many thanks !!!
Upvotes: 0
Views: 457
Answers (2)
tommy5dollar
Reputation: 31
.NET vulnerability discovered last September.
Make sure your .NET is up to date!
Upvotes: 1
Piskvor left the building
Reputation: 92752
If the hacker gains control over your server, he can do anything your code can do. Can your code decrypt the Connection String? (apparently yes) Then he can do it, too.
Upvotes: 0
Related Questions
- Encrypting Connection String in web.config
- asp.net mvc 3 web.config connection string encryption
- Encrypting connectionStrings in a web.config file
- decrypt connectionString in web.config?
- What is the point of Encrypt connection string in web.config?
- How to encrypt Connectionstring written in web.config from codebehind?
- How to encrypt web.config connection string
- encrypted connection string in web.config
- Encrypting the connection string in web.config file in C#
- Error occurs with an encrypted connection string in web.config