Nmap Development mailing list archives

Scanning for WebDAV vulns

From: Ron <ron () skullsecurity net>
Date: Tue, 19 May 2009 19:54:13 -0500

Hi all,

I've implemented an Nmap script based on Metasploit's auxiliary module
that checks servers for the WebDAV vulnerability by bruteforcing for a
retricted folder name and trying to get access. I've checked it in to
the Nmap trunk, so feel free to download/compile/run it.

I've written a blog that has a lot more detail about how to
download/compile/run it, as well as what the script does and how it
works. Check it out:
http://www.skullsecurity.org/blog/?p=271

Fyodor updated the NSEDoc documentation, have a look here:
http://nmap.org/nsedoc/scripts/http-iis-webdav-vuln.html

Let me know what you think!

-- 
Ron Bowes
http://www.skullsecurity.org/

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

Current thread:

Scanning for WebDAV vulns Ron (May 19)
- Re: Scanning for WebDAV vulns Ron (May 20)
  - Re: Scanning for WebDAV vulns Thomas Buchanan (May 20)
    - Re: Scanning for WebDAV vulns Ron (May 21)
- Re: Scanning for WebDAV vulns Thierry Zoller (May 20)
  - Re: Scanning for WebDAV vulns Ron (May 20)
    - Re: Scanning for WebDAV vulns Ron (May 20)
    - Re[2]: Scanning for WebDAV vulns Thierry Zoller (May 21)