Method is very simple, we know, generally used in ASP to apply files
two ways, through the STM file, you can directly use the source of the ASP file
The code is output directly into the customer browser.
Claim:
1,
The server side has a SHTML script mapping
2, can
Server write .stm / .shtm / .shtml suffix file
3, know the file name and relative position to see the file
Example:
to
Server directory writes Test.STM file
or
Note: When using "Virtual =", you want to specify the relative position of the root, and when using "file =", you need to specify the file for the upload directory, the relative position of Test.stm.
Input in the browser
_BLANK>
http://www.xxx.com/news/test.stm, see the source
Code, you can see the source of Index.asp files
Code. Of course, we can also write multiple files to see the source of multiple files.
Code.
There are also many friends to use this method in
On the attack, it is used to view the contents of CONN and other files, gain
The database location is the same! Mainly, you are flexible!
