Nmap Development mailing list archives
Re: Scanning for WebDAV vulns
From: Ron <ron () skullsecurity net>
Date: Wed, 20 May 2009 18:17:31 -0500
Ron wrote:
Thierry Zoller wrote:Hi Ron, Thanks, you might want to have an option to check for write access, on some strange setups this might actually happen.There's no easy way, that I know of, to check for Write access. That being said, there's a pretty good chance that if you exploit the install, you'll have write access anyways -- I'm assuming people generally give r/w access to Administrator (or whoever) -- what's the point of running WebDAV if you don't?. Ron
On a related note, my friend and I wrote an exploit for it. Basically, take the patch we wrote and apply it to the latest version of Cadaver. Then connect to the vulnerable site with Cadaver and navigate like you normally would. It's great fun :) He did an amazing and detailed writeup of the vulnerability and the exploit and everything else here: http://www.skullsecurity.org/blog/?p=285 It includes how to detect WebDAV, how to exploit Windows XP/2003, and the actual code for the exploit. Have fun, and be responsible :) Ron -- Ron Bowes http://www.skullsecurity.org/ _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Scanning for WebDAV vulns Ron (May 19)
- Re: Scanning for WebDAV vulns Ron (May 20)
- Re: Scanning for WebDAV vulns Thomas Buchanan (May 20)
- Re: Scanning for WebDAV vulns Ron (May 21)
- Re: Scanning for WebDAV vulns Thomas Buchanan (May 20)
- Re: Scanning for WebDAV vulns Thierry Zoller (May 20)
- Re: Scanning for WebDAV vulns Ron (May 20)
- Re: Scanning for WebDAV vulns Ron (May 20)
- Re[2]: Scanning for WebDAV vulns Thierry Zoller (May 21)
- Re: Scanning for WebDAV vulns Ron (May 20)
- Re: Scanning for WebDAV vulns Ron (May 20)