Easy intrusion into personal homepage Space

I recently studied ASP and want to apply for a free space. Looking at a satisfactory one, there are quite a few restrictions. Not only can a maximum of 30 mb of files be stored, but a single Upload File cannot exceed 1.5 MB, and ASP is not supported. How can this be done? Seriously cracking down on my enthusiasm for learning. So I thought I could not break through the limitations of the website.

First with the X-Scan2.3 scan, the results will come out soon, useful information: "Windows 2000 operating system, port 139 open", "port 80 open, the Web server uses IIS, 1433 port, ms SQL Server, and 3389 Remote Management port ".

It seems that only the Web can be started. I watched this PHP personal homepage system. No matter what it is, I should try my luck in a simple way. Log in with your account and password (this is a Web-managed home page system that does not support FTP). Create a rich4 folder under the root directory of your home page, upload the save1.dat (game record file) that you have played. Then I see that the address bar of IE is changed to: "http: // ***. php? Action = chdr & file = % 2frich4 ". No strange point is found in this address. I changed the rich4 file name to"/. ", the address bar becomes" http ://***. PHP? Action = chdr & file = % 2f /.". Make persistent efforts to change "/..." to "/...", that is, "***. php? Action = chdr & file = % 2f/... "the recycled directory is displayed. It seems that it is in the root directory of the hard disk. There are many folders on this hard disk, including the home page directory free (which contains folders on the home page) and a backup directory. What is there? Go in and check out. There is a global. Asa file in the admin sub-directory. Click Edit. Haha, the account is displayed. The subsequent process will not be mentioned.
Postscript:

In fact, the administrator of this free homepage space is still aware of Security (Windows 2000 system is installed on drive C, IIS is installed on drive D, and personal homepage is installed on drive F ). What is the problem?

1. The Personal Homepage uses the PHP system, but does not filter out special symbols such as "/" and ".", so you can read any files on drive F;

2. the personal homepage background management system adopts ASP and is stored on drive D. However, a backup is put on drive F, which allows me to read Global. the ASA file shows the "sa" account password of ms SQL Server;

3. The remote connection of the "sa" account has not been canceled or xp_mongoshell has not been deleted, so that I can execute the CMD local command.