"ASP.NET_SessionId" "data source="

GHDB-ID:

381

Author:

anonymous

Google Dork Description:

"ASP.NET_SessionId" "data source="

.NET pages revealing their datasource and sometimes the authentication credentials with it. The complete debug line looks something like this for example:strConn	System.String Provider=sqloledb;Network Library=DBMSSOCN;Data Source=ch-sql-91;Initial Catalog=DBLive;User Id=login-orsearch;Password=0aX(v5~di)>S$+*For quick fun an attacker could modify this search to find those who use Microsoft Access as their storage: It will not suprise the experienced security digger that these files are often in a downloadeble location on the server.