. NET advanced code audit, the eleventh classes LosFormatter to deserialize vulnerability-vulnerability warning-the black bar safety net

LosFormatter is generally used to serialize and deserialize the Web form page's view statethe ViewState, if you want to put the ViewState through a database or other persistence devices to maintain, it requires the use of specific LosFormatter class to serialize/deserialized. It is encapsulated i...

. NET advanced code audit of the first ten classes ObjectStateFormatter deserialize vulnerability-vulnerability warning-the black bar safety net

0x00 Preface ObjectStateFormatter generally used for serialization and deserialization of the state object graph, such as the commonly used ViewState is through this class to do the serialization, is located in the namespace System. Web. The UI, the advantage is that on the basis of the type stor...

. NET advanced code audit of the nine classes BinaryFormatter deserialization vulnerability-vulnerability warning-the black bar safety net

The BinaryFormatter and SoapFormatter two classes the difference between the data streams of different formats, other features on both about the same, the BinaryFormatter is located in the namespace System. Runtime. Serialization. Formatters. Binary it is the direct use of binary the way the obje...