![davtest how to exploit txt and html executable davtest how to exploit txt and html executable](https://img.wonderhowto.com/img/98/11/63702753578427/0/exploit-webdav-server-get-shell.w1456.jpg)
+ OSVDB-397: HTTP method ( 'Public' Header ): 'PUT' method could allow clients to save files on the web server. + OSVDB-5646: HTTP method ( 'Public' Header ): 'DELETE' may allow clients to remove files on the web server. + Public HTTP Methods: OPTIONS, TRACE, GET, HEAD, DELETE, PUT, POST, COPY, MOVE, MKCOL, PROPFIND, PROPPATCH, LOCK, UNLOCK, SEARCH + OSVDB-5647: HTTP method ( 'Allow' Header ): 'MOVE' may allow clients to change file locations on the web server. + OSVDB-397: HTTP method ( 'Allow' Header ): 'PUT' method could allow clients to save files on the web server. + OSVDB-5646: HTTP method ( 'Allow' Header ): 'DELETE' may allow clients to remove files on the web server. + Allowed HTTP Methods: OPTIONS, TRACE, GET, HEAD, DELETE, PUT, POST, COPY, MOVE, MKCOL, PROPFIND, PROPPATCH, LOCK, UNLOCK, SEARCH
![davtest how to exploit txt and html executable davtest how to exploit txt and html executable](https://nori-zamurai.com/wp-content/uploads/2020/05/941c77f49e6199f55c8d1425fbf418f1-1024x490.png)
+ Uncommon header 'ms-author-via' found, with contents: MS-FP/4.0,DAV + Retrieved ms-author-via header: MS-FP/4.0,DAV + No CGI Directories found (use '-C all' to force check all possible dirs ) This could allow the user agent to render the content of the site in a different fashion to the MIME type
![davtest how to exploit txt and html executable davtest how to exploit txt and html executable](https://www.udhaypv.com/images/Granny/Pastedimage20210427174208.png)
+ The X-Content-Type-Options header is not set. + Uncommon header 'microsoftofficewebserver' found, with contents: 5.0_Pub This header can hint to the user agent to protect against some forms of XSS + The X-XSS-Protection header is not defined. + The anti-clickjacking X-Frame-Options header is not present. + Retrieved microsoftofficewebserver header: 5.0_Pub $ nikto -h $TARGET -output services/80-nikto.txt
Davtest how to exploit txt and html executable windows#
Microsoft IIS 6.0 is for Windows Server 2003: If you know a protected folder, add -script-args = webdavfolder = |_http-iis-webdav-vuln: WebDAV is ENABLED. | Default installations of older versions of frontpage extensions allow anonymous logins which can lead to server compromise. |_ /_vti_bin/shtml.exe: Frontpage file or folder | /_vti_bin/shtml.dll: Frontpage file or folder | /_vti_bin/fpcount.exe?Page =default.asp|Image =3: Frontpage file or folder | /_vti_bin/_vti_adm/admin.exe: Frontpage file or folder | /_vti_bin/_vti_adm/admin.dll: Frontpage file or folder | /_vti_bin/_vti_aut/author.exe: Frontpage file or folder | /_vti_bin/_vti_aut/author.dll: Frontpage file or folder | /postinfo.html: Frontpage file or folder |_http-dombased-xss: Couldn't find any DOM based XSS. |_http-csrf: Couldn 't find any CSRF vulnerabilities. $ nmap -vvv -script vuln -oN vuln-scan.txt 10.10.10.14