Introduction
WebDAV has become a boring topic in underground circles. It is a loophole that is often used by hacker kiddies (it's me 🤣) because the technique is easy and there are lots of tools that can be used. One of the most famous tools is the WebDAV shell maker created by hmei7.
Although it is considered something for hacker kiddies, many people do not know that there are tools that can be used to find sites that use WebDAV. Of course, the site can also be submitted at zone-h.org. 😁
The tool we are talking about is Metasploit. Metasploit is the world's most used penetration testing framework. It helps security teams do more than just verify vulnerabilities, manage security assessments, and improve security awareness.
Getting Started
Before we start, we have to install Metasploit. We can download it directly from the Metasploit website (Download Metasploit: World's Most Used Penetration Testing Tool | Metasploit).
Because I'm using Kali Linux, the Metasploit package is available by default.
Running Metasploit
To run Metasploit, we can use the command:
$ msfconsole

Auxiliary Module Scanner
The WebDAV scanner module checks whether WebDAV is enabled on a server or a group of servers. This helps us to fine-tune our attacks even further. (Source: Scanner HTTP Auxiliary Modules - Metasploit Unleashed, offensive-security.com)
To select the scanner module, we type this command at the msfconsole prompt:
use auxiliary/scanner/http/webdav_scanner

Set RHOSTS
The only thing we need to do now is set RHOSTS and run the scanner. Both commands are typed at the msfconsole prompt, not in the system shell:
set RHOSTS 192.134.1.200-250
run
192.134.1.200 is the first IP address to be scanned and 250 is the last octet of the final address, so we scan from 192.134.1.200 to 192.134.1.250.

Scan Results
When the output contains the words "has WebDav enabled", WebDAV is enabled on that host, and it is possible that the website can be exploited.
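
For administrators auditing their own servers, the result above can be reproduced by reading the headers of an HTTP OPTIONS response. The following is an added example, not code from the original post or from Metasploit: it assumes the check relies on the DAV and Allow headers defined in RFC 4918, the function names are hypothetical, and the sample responses are constructed.

```python
from email.parser import Parser

# State-changing methods worth reviewing when advertised (assumed audit policy).
WRITE_METHODS = {"PUT", "DELETE", "MOVE", "COPY", "MKCOL", "PROPPATCH", "LOCK"}

# Constructed sample responses (not captured from a real host).
SAMPLE_DAV = (
    "HTTP/1.1 200 OK\r\nServer: ExampleHTTPd\r\nDAV: 1, 2\r\n"
    "Allow: OPTIONS, GET, HEAD, PROPFIND, PUT, DELETE\r\n\r\n"
)
SAMPLE_PLAIN = (
    "HTTP/1.1 200 OK\r\nServer: ExampleHTTPd\r\nAllow: OPTIONS, GET, HEAD\r\n\r\n"
)


def _csv(value):
    """Split a comma-separated header value into trimmed tokens."""
    return [v.strip() for v in (value or "").split(",") if v.strip()]


def parse_options_response(raw):
    """Summarise the WebDAV exposure advertised by a raw OPTIONS response."""
    head = raw.replace("\r\n", "\n").split("\n\n", 1)[0]
    status_line, _, header_text = head.partition("\n")
    parts = status_line.split(" ", 2)
    status = int(parts[1]) if len(parts) > 1 and parts[1].isdigit() else 0
    # Header lookup through the email parser is case-insensitive.
    headers = Parser().parsestr(header_text, headersonly=True)
    # DAV lists compliance classes such as "1, 2"; absent means none advertised.
    dav_classes = _csv(headers.get("DAV"))
    allowed = {m.upper() for m in _csv(headers.get("Allow"))}
    return {
        "status": status,
        "server": headers.get("Server", "unknown"),
        "webdav": bool(dav_classes),
        "dav_classes": dav_classes,
        "write_methods": sorted(allowed & WRITE_METHODS),
    }


if __name__ == "__main__":
    for name, raw in (("dav", SAMPLE_DAV), ("plain", SAMPLE_PLAIN)):
        print(name, parse_options_response(raw))
```

A host that advertises WebDAV but lists no write methods, or requires authentication for them, is the kind of case the conclusion refers to when it says not every WebDAV site can be exploited.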

Conclusion
Metasploit can be used to find websites that use WebDAV. But keep in mind that not all websites that use WebDAV can be exploited. The key is to be patient 😋