Why are conventional methods like writing a webshell or PE file insufficient for achieving command execution on an Exchange server?

Writing a webshell may fail because the Exchange server may disable command execution functions (like `system()` in PHP). Writing PE files (exe/dll) relies on system or user startup and cannot provide real-time command execution. Both methods are passive and require additional actions (e.g., rebooting) to trigger. In contrast, modifying MachineKey for .NET deserialization enables immediate command execution via viewstate, as described in Penetration Techniques - From Exchange File Read/Write Permissions to Command Execution.