
Internal Web Uploads

Sometimes we gain access to a system that is hosting a web application. This can lead to a variety of privilege escalation exploits.

Example 1 - Windows/AD

Here we are able to edit index.html on this XAMPP server, meaning we have write access.
We could add a web shell here. This could be useful because the service running the web server may execute the web shell as a different user from the one we wrote the file as.
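
From the defensive side, the condition described above (a low-privileged account can write to served content while the web server runs as another account) can be audited directly. The PowerShell below is an added example, not part of the original notes; the C:\xampp\htdocs path and the httpd.exe process name are assumed XAMPP defaults.

```powershell
# Added example. $WebRoot and the httpd.exe process name are assumptions
# (XAMPP defaults); change them to match the host being audited.
param([string]$WebRoot = 'C:\xampp\htdocs')

# Principals expected to hold write access: SYSTEM, Administrators, TrustedInstaller.
$trusted = @(
    'S-1-5-18',
    'S-1-5-32-544',
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'
)

# WriteData (0x2), AppendData (0x4), plus raw GENERIC_ALL / GENERIC_WRITE bits,
# which Get-Acl shows as bare numbers when an ACE uses generic rights.
$writeBits = 0x2 -bor 0x4 -bor 0x10000000 -bor 0x40000000
$sidType   = [System.Security.Principal.SecurityIdentifier]

$items = @(Get-Item -LiteralPath $WebRoot) +
         @(Get-ChildItem -LiteralPath $WebRoot -Recurse -Force -ErrorAction SilentlyContinue)

$findings = foreach ($item in $items) {
    $acl = Get-Acl -LiteralPath $item.FullName -ErrorAction SilentlyContinue
    if (-not $acl) { continue }   # unreadable ACL: skip rather than abort the audit
    foreach ($ace in $acl.GetAccessRules($true, $true, $sidType)) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        if ($trusted -contains $ace.IdentityReference.Value) { continue }
        if (([int]$ace.FileSystemRights -band $writeBits) -eq 0) { continue }
        # Resolve the SID to a name where possible; keep the SID otherwise.
        try   { $name = $ace.IdentityReference.Translate([System.Security.Principal.NTAccount]).Value }
        catch { $name = $ace.IdentityReference.Value }
        [pscustomobject]@{
            Path      = $item.FullName
            Identity  = $name
            Rights    = $ace.FileSystemRights
            Inherited = $ace.IsInherited
        }
    }
}

# Account each web server process runs as: content written by the identities
# above is executed under these accounts.
$servers = Get-CimInstance Win32_Process -Filter "Name = 'httpd.exe'" | ForEach-Object {
    $owner = Invoke-CimMethod -InputObject $_ -MethodName GetOwner
    [pscustomobject]@{ ProcessId = $_.ProcessId; RunsAs = "$($owner.Domain)\$($owner.User)" }
}

$findings | Sort-Object Identity, Path | Format-Table -AutoSize
$servers  | Format-Table -AutoSize
```

Any row whose Identity is an ordinary user or group, combined with a RunsAs account that holds more privileges than that identity, is the condition this example describes; tightening the ACL or running the server under a dedicated low-privileged account removes it.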
