· Manuel López Pérez · hackthebox
WriteUp – Bounty (HackTheBox)
Bounty write-up (HackTheBox). Easy Windows machine that exploits a vulnerability in IIS, allowing a malicious web.config to be uploaded to execute ASP code and obtain RCE. We then escalate privileges with Metasploit (MS10-092).