· 14 min easy Windows Grandpa
HTB: Grandpa
A buffer overflow in IIS 6.0's WebDAV handler delivers code execution on Windows Server 2003, and token kidnapping completes the escalation to SYSTEM.
#htb
#iis
#webdav
#windows +2
· 14 min easy Windows Granny
HTB: Granny
IIS 6.0 with WebDAV enabled permits unauthenticated file upload via PUT and MOVE, bypassing extension restrictions to deploy an ASPX webshell. Token kidnapping (MS09-012) escalates NETWORK SERVICE to SYSTEM on Windows Server 2003.
#htb
#iis
#webdav
#windows +1
· 16 min easy Windows Devel
HTB: Devel
Anonymous FTP write access to an IIS web root creates a trivial foothold. The real lesson is in the privilege escalation — unpatched Windows 7 with no service packs is a kernel exploit playground.
#htb
#ftp
#iis
#aspx +4