.NET Cheat Sheet (C#, ASP.NET)

Cheat sheet and tricks for the .NET programming languages (C#, ASP.NET).

Recon hint: in .NET 4.0, control IDs start with ctl00.

End of Life (EOL)

Examples

C#

Test C# code

using System;

public class HelloWorld {
	public static void Main() {
		// Code
	}
}

ASP.NET

ASP.NET Boilerplate (ABP) – JWT weakness

ASP.NET Boilerplate (ABP) is an open source and well-documented application framework. ABP works with the latest ASP.NET Core & EF Core and also supports ASP.NET MVC 5.x & EF 6.x.

By default, the ABP framework signs JWTs with a weak secret: the project name followed by a predictable static value, which can be easily identified or guessed. See SecurityKey in this example (GitHub). By default, the JWT signing secret is the project name with a well-known static suffix:

<project name>_C421AAEE0D114E9C

The project name can usually be retrieved at this endpoint:

<URL>/AbpUserConfiguration/GetAll

If the project name cannot be found, try using psudohash to generate a list of names. Try cracking the JWT HMAC with this secret. See Proof of Concept code for ASP.Net Boilerplate JWT Authentication Bypass (GitHub).
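
A defensive counterpart to the weakness described above, as an added example that is not ABP's own code or the linked proof of concept: it scans an appsettings.json document for any SecurityKey value that still carries the static suffix, or that is shorter than the 32 bytes RFC 7518 requires when the token is signed with HS256 (assumed here). The class name AbpJwtKeyAudit, the sample JSON and its Authentication:JwtBearer layout are assumptions constructed for the illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Text;
using System.Text.Json;

public static class AbpJwtKeyAudit   // hypothetical helper, not part of ABP
{
    const string DefaultSuffix = "_C421AAEE0D114E9C"; // static suffix quoted above
    const int MinKeyBytes = 32;                       // RFC 7518 minimum, assuming HS256

    // Walk every nested object so the check does not depend on where SecurityKey sits.
    static IEnumerable<(string Path, string Value)> FindKeys(JsonElement node, string path)
    {
        if (node.ValueKind != JsonValueKind.Object) yield break;
        foreach (JsonProperty p in node.EnumerateObject())
        {
            string child = path.Length == 0 ? p.Name : path + ":" + p.Name;
            if (p.Value.ValueKind == JsonValueKind.String &&
                p.Name.Equals("SecurityKey", StringComparison.OrdinalIgnoreCase))
                yield return (child, p.Value.GetString() ?? "");
            foreach (var hit in FindKeys(p.Value, child)) yield return hit;
        }
    }

    public static List<string> Audit(string json)
    {
        var findings = new List<string>();
        using JsonDocument doc = JsonDocument.Parse(json);
        foreach (var (path, value) in FindKeys(doc.RootElement, ""))
        {
            int bytes = Encoding.UTF8.GetByteCount(value);
            // Suffix first: a long project name makes the default pass the length test.
            if (value.EndsWith(DefaultSuffix, StringComparison.Ordinal))
                findings.Add($"{path}: template default secret, replace with a random key");
            else if (bytes < MinKeyBytes)
                findings.Add($"{path}: {bytes}-byte key, below the {MinKeyBytes}-byte minimum");
        }
        return findings;
    }

    public static void Main()
    {
        // Constructed sample; the Authentication:JwtBearer layout is an assumption.
        string sample = @"{ ""Authentication"": { ""JwtBearer"": {
            ""SecurityKey"": ""ExampleProject_C421AAEE0D114E9C"" } } }";
        foreach (string f in Audit(sample)) Console.WriteLine(f);
    }
}
```

Running the same check at application startup, and refusing to start on any finding, keeps the template default from reaching a deployed instance.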

Example – Hello World

<%@ Page Language="C#" %>
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
	<title>Test ASP.NET</title>
</head>
<body>
	<form id="form1" runat="server">
	<div>

	<% Response.Write("Hello World"); %>

	</div>
	</form>
</body>
</html>