Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: Scanning for WebDAV vulns
From: Thierry Zoller <Thierry () Zoller lu>
Date: Wed, 20 May 2009 11:26:42 +0200

Hi Ron,

Thanks, you might want to have an option to check for write access,
on some strange setups this might actually happen.

R> Hi all,

R> I've implemented an Nmap script based on Metasploit's auxiliary module
R> that checks servers for the WebDAV vulnerability by bruteforcing for a
R> retricted folder name and trying to get access. I've checked it in to
R> the Nmap trunk, so feel free to download/compile/run it.

R> I've written a blog that has a lot more detail about how to
R> download/compile/run it, as well as what the script does and how it
R> works. Check it out:
R> http://www.skullsecurity.org/blog/?p=271

R> Fyodor updated the NSEDoc documentation, have a look here:
R> http://nmap.org/nsedoc/scripts/http-iis-webdav-vuln.html

R> Let me know what you think!

Thierry Zoller

Sent through the nmap-dev mailing list
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]