WebDAV has become a boring thing in the underground circles, WebDAV is a loophole that is often used by hacker kiddies (it's me 🤣) because the technique is easy, and there are lots of tools that can be used. One of the most famous tools is the WebDav shell maker created by hmei7.
Although considered for hacker kiddies, many people do not know that there are tools that can be used to find sites that use webDav. of course the site can also be submitted at zone-h.org.😁
The tool we are talking about is metasploit. metasploit is The world's most used penetration testing framework. Metasploit helps security teams do more than just verify vulnerabilities, manage security assessments, and improve security awareness.
Before we start, we have to install Metasploit. To install Metasploit, we can download it directly from the Metasploit website Download Metasploit: World's Most Used Penetration Testing Tool | Metasploit.
Because I'm using kali linux, the metasploit package is available by default.
To run metasploit, we can use the command:
Auxiliary Module Scanner
The webdav scanner module checks whether WebDav is enabled on a server or a group of servers. This helps us to fine-tune our attacks even further. Scanner HTTP Auxiliary Modules - Metasploit Unleashed (offensive-security.com)
To use the scanner module, we can use the command:
The only thing we need to do now is set our RHOSTS settings and run the scanner.
$ set RHOSTS 126.96.36.199-250 $ run
188.8.131.52 is the IP Addresses to be scanned and 250 is the end of the IP Addresses. so basically we scan from 184.108.40.206 to 220.127.116.11
When you find the words "has WebDav enabled", it is possible that the website can be exploited.
Metasploit tools can be used to find websites that use webdav. But keep in mind that not all websites that use webdav can be exploited. The key is to be patient😋