Jump to content

Need help with Windows Server 2012 if possible


Elizabeth R Casale

Recommended Posts

Hi everyone,

I am dealing with a website on Microsoft-IIS/8.5 (OS: Windows Server 2012). I was sent a module that can be used to execute a payload on IIS servers that have world-writeable directories. The payload is uploaded as an ASP script via a WebDAV PUT request. I loaded it within the Metasploit console:

8xtxVqg.png.fcc7cfdcdd7e9881ecd4db936f3d83b3.png

So I set up 'RHOSTS' with the IP address of the server, and I don't know if there is something else that I must change. When I run the exploit only with the described change, I got an error message saying 'Upload failed on /metasploitblablabla.txt [303 See other]'. I suggest that this is normal because I have not used any payloads. I tried some of them, and the messages were the same. As you may see, I haven't got any experience with this framework, and any help would be appreciated. What am I doing wrong?

Link to comment
Share on other sites

303 Other suggests the server is trying to redirect you.

This may help to understand the error (may not either), 303 Other:
https://evertpot.com/http/303-see-other

 

Also, does it have host headers for the IP address?  Or does it need an actual domain instead (e.g. example.com) to point it at the correct virtual directory?

 

 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...