Fairly new pentester here, having issues executing a metasploit payload uploaded by the IIS guest account. All payloads seem to fail, or do not have adequate permissions to execute.
Background on target:
IIS 6 running on Win2kSP2 with ASP. The IIS guest account has read/write/execute. I can upload a file through a vulnerability I discovered, however I cannot execute. If for example I upload and ASP shell, I receive an error saying access denied on line etc (which is at the end of the payload). I have verified ASP scripts can run by uploading something simple like document.write("hello"). Maybe I can use a different payload?
Any ideas here or suggested reading you can point me to?