You've got to love some of the hacks that people try to do on the net. I've actually been amazed by the sheer quantity of hacks against our servers at work. Fortunately, the vast majority of them have been from idiots.
For example, these attempts:
Yes, because PHP includes work so well on an ASP.NET site...
Then there are the SQL injection attempts:
I'm glad we used parameterized queries or stored procedures only...
Then there's hidden field injection:
A potentially dangerous Request.Form value was
detected from the client (hidCustomer="<a href="http://vfaxf...">).
Stuff like this is why I prefer not to disable HttpRequestValidationException. It's also why I'm trying to phase out hidden fields.
Any funky hacks that you guys have been seeing lately?