Principle and Application of the conn.asp Brute-Force Database Method

Source: Internet
Author: User

Today we study the conn.asp brute-force database technique. It is already a very old method: by directly accessing the database connection file conn.asp, an error is caused on the server, and the returned error message exposes the absolute path of the database. Here conn.asp is the database connection file; it is not necessarily named conn.asp, because the name can be changed.

The principle of the conn.asp brute-force database technique is that an error arises from a mismatch between the relative path of the database connection file and that of the calling file. For example, suppose the IIS root directory is D:\wwwroot and an inc directory is created under this directory; anyone who has installed IIS will know this layout.

When we want to access files in the inc directory, we only need to enter http://127.0.0.1/inc in the browser, not http://127.0.0.1/wwwroot/inc. Relative to the root directory wwwroot, the inc directory is a level-1 directory. Remember that this is the relative path. The absolute path of the inc directory is D:\wwwroot\inc, which is a level-2 directory. Remember that this is the absolute path.

In the conn.asp brute-force database technique, the calling file is located in the root directory, and the database connection file conn.asp is usually in the inc directory under the root directory. When a file calls the database connection file to access the database, conn.asp looks for the database file under the data directory under the root directory. In other words, whichever file calls conn.asp, conn.asp looks for the database file in the data directory under the directory where that calling file is located. It is a relative-directory access process.

When we access conn.asp directly, no file is calling conn.asp, so the relative path is resolved from the directory where conn.asp itself is located, and conn.asp looks for the database file, generally data\xxx.mdb, under that directory. The data directory, however, is under the root directory wwwroot, and the inc directory where conn.asp resides has no data directory. So when conn.asp is accessed directly and tries to open the database file, the relative directory is inconsistent with the absolute directory and a relative-directory error occurs. The real database path stored in the conn.asp file is displayed in the error message, which achieves the effect of the brute-force database.

In general, to exploit this vulnerability we need to know the database connection file conn.asp (the name is not necessarily conn.asp), its relative directory, and the relative and absolute directories of the database. It is worth noting that the server administrator may have made some settings on the server, such as not displaying error information, so that we cannot get the real database path information. Other precautions will be written up in later learning logs.
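
The path mismatch described above, and the two settings that stop the disclosure, can be reproduced with a small model. This is an added example, not code from the original article: the calling file name /index.asp, the error wording and the function names are constructed for illustration, and the resolution rule follows the article's description (relative to the directory of the requested file).

```python
import ntpath

WEB_ROOT = r"D:\wwwroot"                   # IIS root directory used in the article
DB_FILES = {r"D:\wwwroot\data\xxx.mdb"}    # constructed: the only database file on disk
DB_RELATIVE = r"data\xxx.mdb"              # relative path written inside conn.asp

def map_path(url, relative):
    """Resolve `relative` against the directory of the requested script."""
    script = ntpath.join(WEB_ROOT, url.lstrip("/").replace("/", "\\"))
    return ntpath.normpath(ntpath.join(ntpath.dirname(script), relative))

def map_path_from_root(relative):
    """Hardened variant: always resolve from the web root, whatever is requested."""
    return ntpath.normpath(ntpath.join(WEB_ROOT, relative))

def request(url, hardened=False, detailed_errors=True):
    """Return (status, body) as the client would see it."""
    if hardened:
        path = map_path_from_root(DB_RELATIVE)
    else:
        path = map_path(url, DB_RELATIVE)
    if path in DB_FILES:
        return 200, "ok"
    if detailed_errors:
        # Constructed message: the failed absolute path is echoed to the client.
        return 500, "database error: cannot open '%s'" % path
    return 500, "Internal server error"

def leaking_urls(urls, **settings):
    """Audit helper: URLs whose response body contains a server file path."""
    return [u for u in urls if WEB_ROOT in request(u, **settings)[1]]

if __name__ == "__main__":
    pages = ["/index.asp", "/inc/conn.asp"]
    for page in pages:
        print(page, request(page))
    print("leaks with default settings:", leaking_urls(pages))
    print("leaks with errors hidden:  ", leaking_urls(pages, detailed_errors=False))
    print("leaks with anchored path:  ", leaking_urls(pages, hardened=True))
```

Hiding detailed errors removes the path from the response but leaves the failing lookup in place; anchoring the database path at the web root removes the failure itself.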
