On the script kiddie level, you had different options. The easiest was simply scanning for public FTPs and IIS IPs and posting those in the member section of whatever forum you were a member of (or in public to get that access). The next level was using checking them for vulnerabilities (or in the case of FTPs checking if you had anonymous write access), those lists obviously were worth more. The higher level people would have their high-end servers (usually hacked, fast internet was expensive) and would use server to server transfer to go from their high-value FTP to some lower value ftp or IIS server for normal people to download from.
On the script kiddie level, you had different options. The easiest was simply scanning for public FTPs and IIS IPs and posting those in the member section of whatever forum you were a member of (or in public to get that access). The next level was using checking them for vulnerabilities (or in the case of FTPs checking if you had anonymous write access), those lists obviously were worth more. The higher level people would have their high-end servers (usually hacked, fast internet was expensive) and would use server to server transfer to go from their high-value FTP to some lower value ftp or IIS server for normal people to download from.