Extremely simple machine

 

The site is running IIS 6, which has a public reverse shell exploit (CVE-2017-7269):

https://github.com/g0rx/iis6-exploit-2017-CVE-2017-7269/blob/master/iis6%20reverse%20shell

whoami /all

Privilege Name                Description                               State
============================= ========================================= ========
SeAuditPrivilege              Generate security audits                  Disabled
SeIncreaseQuotaPrivilege      Adjust memory quotas for a process        Disabled
SeAssignPrimaryTokenPrivilege Replace a process level token             Disabled
SeChangeNotifyPrivilege       Bypass traverse checking                  Enabled
SeImpersonatePrivilege        Impersonate a client after authentication Enabled
SeCreateGlobalPrivilege       Create global objects                     Enabled

Using Metasploit's multi/recon/local_exploit_suggester module, we can get a list of local exploits that are likely to work on the target. Running the first one it suggests works.
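For reviewing what a web service account's token carries, the whoami /all privilege listing above can be parsed and checked against a watch list. This is an added example, not part of the original writeup; the watch list and the function names are assumptions of the example.

```python
import re

# Watch list chosen for this example (an assumption, not from the page):
# privileges that let a process act with another account's token.
TOKEN_PRIVS = {"SeImpersonatePrivilege", "SeAssignPrimaryTokenPrivilege"}

# One privilege row: name, free-text description, state in the last column.
ROW = re.compile(r"^(Se[A-Za-z]+)\s+(.*?)\s+(Enabled|Disabled)\s*$")

# Constructed sample: the privilege rows shown earlier on this page.
SAMPLE = """\
Privilege Name                Description                               State
============================= ========================================= ========
SeAuditPrivilege              Generate security audits                  Disabled
SeIncreaseQuotaPrivilege      Adjust memory quotas for a process        Disabled
SeAssignPrimaryTokenPrivilege Replace a process level token             Disabled
SeChangeNotifyPrivilege       Bypass traverse checking                  Enabled
SeImpersonatePrivilege        Impersonate a client after authentication Enabled
SeCreateGlobalPrivilege       Create global objects                     Enabled
"""


def parse_privileges(text):
    """Return {privilege name: (description, state)} from whoami output."""
    privs = {}
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:  # header and separator rows do not match and are skipped
            privs[m.group(1)] = (m.group(2), m.group(3))
    return privs


def review(text):
    """List watch-list privileges present in the token, with their state.

    A Disabled privilege is still held: the process can enable it with
    AdjustTokenPrivileges, so it is reported as well.
    """
    privs = parse_privileges(text)
    return sorted((name, privs[name][1]) for name in TOKEN_PRIVS if name in privs)


if __name__ == "__main__":
    for name, state in review(SAMPLE):
        print(f"review: {name} is held by this account ({state})")
```
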