Complete Web Server Access

Hi guy I am back with another POC that I found in PRIVATE program on bugcrowd let get started. So let assume the SITE name I was testing the main website and after crawling I come to know that the server is WINDOWS

I didn’t find any thing on the main website so started to find It’s subdomains after spending alot of time i found a interesting I created a account on it there is only one functionality that you can report some issue you faced in the website

I was testing the browser functionality where you can upload only IMG files. The website only accepting only IMG files & then I see the source

var allowedImageExtensionList=[“.bmp”, “.gif”, “.jpeg”, “.jpg”, “.png”]

This is JS client side validation so Iused FIREFOX extension using that I turn of the JS. Since this is a WINDOWS server i upload .ASPX shell and get access to website after getting access to the website I saw that I have ROOT access & able to control all the website on that server. But I found few different websites on that server & I am confused I dont know why.

So I made a quick report the reported that issue to the team & got this response which clear my confusion :D

I hope you guys like it please comment below if you want to give suggestion