Captainhams
New Member
We have just come across an interesting and slightly amusing problem with a system I support at work as a developer. The web software is basically a transaction gateway allowing charities and voluntary organisations to process donations. The problem started with a support call from a guy trying to process a transaction but the HTTP request was blocked by his charities filtering software (WebMarshal). He contacted their IT team and was told that it was because the request going out contained the phrase "FuCkthem" in the ViewState. The software was written many years ago by my predecessor and apparently uses the ViewState quite a lot. He ended up putting the transaction through on his phone (circumventing WebMarshal's over zealous filtering policy) so all was good. We tried to replicate what he did using the same and similar data and got exactly the same phrase in the ViewState. I cannot work out exactly what data is causing this phrase to appear. I found this site which allows me to decode a ViewState but that isn't really helpful. I could try every possible permeation of characters to the left and right of the phrase until I can get the offending bit of Base64 but that would take forever.Does anybody know of a way of working out what values are causing this to happen?Here is the screenshot we initially received (important data redacted for obvious reasons). It had us all chuckling but on a serious note, the guy is pretty worried he is going to run into this again when processing donations and I can't blame him!