Security Basics mailing list archives

RE: WebDAV and nmap.


From: "Jeremi Gosney" <Jeremi.Gosney () motricity com>
Date: Tue, 19 May 2009 00:14:40 -0700

hi, 

imo nmap would be overkill for something like this. how many servers are you supporting? it's real simple to check for 
the presence of webdav; you can check a host for webdav support with something like: 
        $ echo -e 'OPTIONS * HTTP/1.0\r\n\r\n' | netcat "$host" 80 | egrep -i 'PROPFIND|PROPPATCH|LOCK|UNLOCK|SEARCH|COPY|MOVE|MKCOL'

for multiple hosts you could wrap this in a 'for' loop, but this would be extremely slow as it's only scanning one host 
at a time. if you support hundreds or even thousands of systems, you may want to try this multithreaded perl script i 
wrote: http://epixoip.pastebin.com/f9512361

to use it, create a unix text file with a single ip addr/hostname on each line and pass it to this script as a command 
line arg. adjust $thrnum for better performance. you can probably scan ~75 hosts at a time, maybe more.

regards.


-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of la_bigmac () hotmail com
Sent: Monday, May 18, 2009 5:28 AM
To: security-basics () securityfocus com
Subject: WebDAV and nmap.

Hello,

I would like to scan my networks to find any IIS6 servers that currently have WebDAV in use. Looks like WebDAV has 
issues again allowing for authentication bypass... 

Would the nmap scripting engine be a good tool to automate this? Does anyone already have an .nse to look at and 
inspect an HTTP response? Or sample scripts that I could adapt.

I can find the IIS6 servers using a version scan; it's the WebDAV support I am stuck on.. 

Any help would be great. 

Mat.

------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most 
concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. Gain 
a laser like insight into what is covered on the exam, with zero fluff! 

http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html
------------------------------------------------------------------------


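
An added example, not part of the original message and not the Perl script it links to: a threaded Python version of the OPTIONS check described in the reply above. It reads only the Allow and Public response headers instead of grepping the whole response; the function names, the 5-second timeout, the 64 KiB read cap and the sample response are assumptions made for illustration.

```python
import socket
import sys
from concurrent.futures import ThreadPoolExecutor

# Method names taken from the egrep pattern in the message above.
DAV_METHODS = {"PROPFIND", "PROPPATCH", "LOCK", "UNLOCK",
               "SEARCH", "COPY", "MOVE", "MKCOL"}

# Constructed sample response (not captured from a real server).
SAMPLE = ("HTTP/1.1 200 OK\r\n"
          "Public: OPTIONS, GET, HEAD, PROPFIND, LOCK, UNLOCK\r\n"
          "Allow: OPTIONS, GET, HEAD\r\n\r\n")

def dav_methods(response):
    """Return the WebDAV methods advertised in the Allow/Public headers."""
    # Only the header block is read, so a method name that merely appears
    # in a response body (an error page, say) is not counted.
    head = response.replace("\r\n", "\n").split("\n\n", 1)[0]
    found = set()
    for line in head.split("\n")[1:]:           # skip the status line
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() in ("allow", "public"):
            found |= {m.strip().upper() for m in value.split(",")} & DAV_METHODS
    return found

def probe(host, port=80, timeout=5.0):
    """Send 'OPTIONS * HTTP/1.0'; return (host, methods) or (host, None) on error."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            sock.sendall(b"OPTIONS * HTTP/1.0\r\n\r\n")
            raw = b""
            while len(raw) < 65536:             # cap what an odd server can send
                chunk = sock.recv(4096)
                if not chunk:
                    break
                raw += chunk
    except OSError:                             # refused, timed out, unresolvable
        return host, None
    return host, dav_methods(raw.decode("latin-1"))

def scan(hosts, workers=75):
    """Probe hosts concurrently; 75 workers echoes the figure in the message."""
    with ThreadPoolExecutor(max_workers=workers) as pool:
        return dict(pool.map(probe, hosts))

if __name__ == "__main__":
    with open(sys.argv[1]) as fh:               # one IP address or hostname per line
        targets = [line.strip() for line in fh if line.strip()]
    for host, methods in scan(targets).items():
        state = "unreachable" if methods is None else ",".join(sorted(methods)) or "none"
        print(f"{host}\tWebDAV methods: {state}")
```

Run it with the same input the reply describes, a text file with one IP address or hostname per line. A result of "none" means the server answered but advertised no WebDAV methods in those headers.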

