SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

SANS Stormcast Wednesday, August 6th, 2025: Machinekeys and VIEWSTATEs; Perplexity Unethical Learning; SonicWall Updates

SANS ISC Handlers

Tech News, News, Technology

🗓️ 6 August 2025

⏱️ 8 minutes

Summary

Daily 5 min cyber security news summary. News, patches, vulnerabilities and trends in information and network security. SANS Stormcast Wednesday, August 6th, 2025: Machinekeys and VIEWSTATEs; Perplexity Unethical Learning; SonicWall Updates

Transcript

0:00.0

Hello and welcome to the Wednesday, August 6, 2025 edition of the SANS Internet Storm Center's Stormcast.

0:07.9

My name is Johannes Ullrich, recording today from Jacksonville, Florida.

0:12.6

And this episode is brought to you by the SANS.edu graduate certificate program in penetration testing and ethical hacking.

0:21.2

Last week when we talked about SharePoint, one of the things that kept coming up was

0:26.4

the view state. The view state is how .NET applications kind of maintain state in forms.

0:34.1

You'll typically see that view state being included as a blob.

0:38.7

Now, whenever we send something to the user like this, you of course have to protect

0:42.6

integrity, and that's part of where the machine key comes in, where the data is digitally

0:49.0

signed or protected with a MAC.

0:52.5

Now, the other option is that you can also encrypt the data if, for

0:57.9

example, you have some sensitive data that's included as part of that view state. But the real

1:04.9

problem with SharePoint was that the exploit did allow access to the machine keys that are used to basically create

1:12.9

the integrity protection. Without that protection, an attacker-speak user is able to create

1:20.8

malicious view states that when deserialized on the server can lead to arbitrary code execution.

1:28.7

And that's exactly what Bojan is walking you through here,

1:31.7

how the view state is being used, and how it can be abused.

1:35.9

The view state is either stored in your web.config file or in the registry.

1:43.2

However, if you have multiple servers that, for example, share a load,

1:46.7

then you must store it in the web.config file because all the servers must use the same

1:52.8

view state.

1:53.5

So they're essentially compatible with each other.

1:56.3

If one of them creates a view state, the other server is able to read it.

...

Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
