August 2018
Intermediate to advanced
404 pages
10h 22m
English
Content preview from Kali Linux Web Penetration Testing Cookbook - Second Edition
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
How to do it...
So, we managed to upload our web-shell to a Windows web server. It is located at http://192.168.56.14/cmd.aspx. The first thing to do is to figure out which privilege level the web server is running:
- Browse to the web-shell (http://192.168.56.14/cmd.aspx) and run the whoami command, as shown:
As you can see, our user is defaultapppool, from the iis apppool group, which is a very limited one in its default configuration.
- Next, we need to improve our method of issuing commands. Let's use msfvenom to create a reverse meterpreter shell. We will use the server's own PowerShell to execute our payload in memory, without it ever ...