Exploitation of the % 5c brute-force database

The exploitation of the % 5c storm library is no longer a new technology, because I only find a vague saying: UNICODE is % 5c. When it is submitted, IIS cannot be parsed normally, leading to the storm library. But I asked hoky. pro after the http://www.hoky.org test was successful (now I have already completed) and I learned that % 5c has something to do with IIS settings. By default, the database can be exposed.
There are also many people who say they are not successful. Here are three points:
1. Generally, the error response page is provided by local IE, so we must first turn off the local error page, in the menu item, choose tools> internet Options> advanced> show friendly information '.
2. The target database is an Access database.
3. The level-2 directory is required for the brute-force database of % 5c, And the level-1 directory fails. For example:
Asp /? Http://www.sometips.com % 5c1. asp? Id = 1 failed
Http://www.sometips.com/other%5c1.asp? Id = 1 successful

Well, we all know that it's nonsense. If a website has only a level-1 directory, is there no way to use the storm library?
Important points:
In fact, we can also succeed in the level-1 directory. we can construct a multi-level directory to achieve the goal of violent library.
As follows:
Http://www.target.com/noexists/..%5clist.asp? Id = 1

In this way, there will be new surprises.

The remedy is also simple:
Add the following sentence to the location where the database file is added in conn. asp:
On Error Resume Next
You can.