Webresource.axd Exploit Link

[assembly: WebResource("MyApp.Scripts.custom.js", "application/x-javascript")]

This was an Insecure Deserialization vulnerability. webresource.axd exploit

Block suspicious patterns in the d parameter: [assembly: WebResource("MyApp

Even though

The d parameter contains an encrypted string that tells the ASP.NET handler which resource to load from which assembly. This encryption is performed using the machine keys located on the server. Ideally, this system should be secure: the server encrypts the request, and only the server can decrypt it. webresource.axd exploit

<customErrors mode="RemoteOnly" defaultRedirect="~/error.htm"/>