17 min · medium · Windows
HTB: Bastard
Drupalgeddon 2 delivers unauthenticated RCE on a Windows Server 2008 R2 box with zero hotfixes, then JuicyPotato turns an IIS service account into SYSTEM via COM/DCOM token impersonation.
#htb
#windows
#drupal
#php
16 min · easy · Windows
HTB: Devel
Anonymous FTP write access to an IIS web root creates a trivial foothold. The real lesson is in the privilege escalation — unpatched Windows 7 with no service packs is a kernel exploit playground.
#htb
#ftp
#iis
#aspx