Online Trace.axd File Scanner

Details
Stay Up To Date
Asset Type

DOMAIN,IP,URL

Need Membership

Yes

Asset Verify

Yes

API Support

Yes

Estimate Time (Second)

10

Online Trace.axd File Scanner Detail

ASP.NET's includes a powerful mechanism for detailed request tracing called Trace.axd and it can also be used by attackers to gain information about requests and responses to the application.

ASP.NET's includes a powerful mechanism for detailed request tracing called Trace.axd. The Trace.axd application keeps a very detailed log of all requests made to an application over a period of time but it can also be used by attackers to gain information about requests and responses to the application.


An attacker can obtain information such as:

  1. Session cookies
  2. Session state
  3. Query string and post variables
  4. Physical path of the requested file


This means that the attacker can hijack any active user's session by using their session details.

Some Advice for Common Problems

It should be removed or access restriction should be applied.

Community Discussions

Need a Full Assesment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service