Run a nmap scan to find for open ports.
Webserver shows the IIS7 service.
Login to the FTP server via anonymous
It is a asps webserver , we can craft a reverse shell and put it inside the server.
Use msfvenom to create a payload.
Upload the payload via the FTP server.
Start a netcat listener and reload the reverse shell in the browser.
Upload it to the FTP server
Move to the inetpub\wwwroot directory to find the upload.
Run the exploit and root is gained.
Leave a Reply