ZeroCold Posted September 4, 2011 Report Share Posted September 4, 2011 Alright guy's today in this tutorial I'll be explaining how to use the webdav exploit. The link for the tools used for this tutorial can be found in the bottom of this tutorial. For those of you who do not know what a Webdav is here is the definition Web-based Distributed Authoring and Versioning, or WebDAV, is a set of extensions to the Hypertext Transfer Protocol (HTTP) that allows computer-users to edit and manage files collaboratively on remote World Wide Web servers. But fo our purpose we will be using it to exploit RDP's or the Remote Desktop Protocal. For a better understanding of these with RDP's they could range from Vp's to Dedi's to just plain old home Pc's, but no matter what it is you will gain full access to the machine and can basically do whatever you want using a shell. For those of you who are new to the hacking scene a shell is a php script that allows you to view all of the files on the server you decide to host the shell on. The most common shells are the c99 or the r57, but in this case we will be using the c99. Now please be aware these are not the only shells available there are several posted throughout the forum and you can find them by simply using the search button located on the navbar. Now before being able to use the shell we have to find some vulnerable Ip's to gain access to for this we will be using the WebdavlinkCrawler which can be found in the webdav tools kit I have provided below here if you don't trust my download links simply don't download them it's that simple. Once you have managed to open the program you will be presented with this interface.as you can see there is a Start, Stop, and Remove double. All of these terms will be explained later on, but what you are going to want to do is click the start button and it will being to search for the Ip's with webdav in them. Once you have managed to gather some ip's like you see in the picture here Now please be aware this was only with about 15 seconds of searching and your results may differ depending on your connection speed as well as the amount of time you run the application. After you have all of your Ip's your going to want to click one so it's highlighted and the right click it you will be presented with a popup that looks like this I have no idea what that actually means,(if someone would like to translate and tell me please feel free.) but what it is doing is copying all of the Ip's you have scanned. After you have scanned all of the Ip's your going to want to paste them in a new word document once you have done so save it as something you can remember and put it in a convenient location. After you have saved your collected webdav Ip's in a word document your going to want to open the Ip Scanner in the folder. It will look like this what your going to want to do is click the "Get Ip's" button and browse to your recently saved text file. After you have your ip's in placeyour going to want to press the scan button what this is doing is now taking all of your Webdav Ip's and figuring out which one's are vulnerable to this particular exploit. The one's on the right are the ones it scanned and if you happen to get any in the middle those are the one's you can exploit. In my case this time I didn't happen to have any that were open to this exploit because I had a limited amount of Ip's. After you have managed to gather some ip's in the middle column and are ready to exploit the server you can just double check by going to the ip/webdav/ in your browser and Ip being one of the exploited ones you managed to get and your going to be looking for an index page that says Webdav Test page. After you have confirmed it is ready to go your going to want to open "map network drive" this can be found by either right clicking Network or my computer in the start menu. what your going to want to click on is the hyperlink that reads " Connect to a website that you can use to store your document's and pictures. You will be presented with a screen all you have to do is click next. And the your going to want to click Choose a custom network location.Now this is the important screen it should look like thisWhat you have to do is put the Ip/webdav in the text box and click next you should then be prompted with a login box the default username is wampp and the default password is xampp. Once you have successfully connected you can now browse it's folder's so what you have to do now is just drag and drop the shell.php in side the main directory. After doing so go to ip/webdav/shell.php it should look like the following Feel free to use that Ip if you are that much of a noob and cannot do anything for yourself. Once you are viewing your shell inside the execute textbox your going to want to do the following commands :net localgroup administrators SUPPORT /Addnet user /add SUPPORT !password! What this is doing is making the remote desktop username SUPPORT and the password !password!. So now the last and final step is to open remote desktop and connect using the Ip and the login detail's we have just created. The shell is for you to explore and discover for yourself. Now you may be wondering What can you do once your in?Answer : 1.You can do so much! Plant Rootkits/ Upload your RAT on the server:D2. I upload my RAT’s incase they try to take back there dedi.3. Host a web IRC bot or Shell Booter4. Store files or host websites or shells5. Make a Botnet!but one of my favorite things to do is to host a powerful DDos shell. If you have an questions comments or concerns please feel free to post them below and I promise I will respond to every one of them no matter how ridiculous or cruel your comments or questions could be thanks for reading and I hope you learned something!This tutorial was a proud contribute to my favorite group The Nerds more info can be found in my sig. Hope you guys join! feel free to mention my name if you do!TOOLS:http://dl.dropbox.com/u/18083172/Webdav%20tools.rar Quote Link to comment Share on other sites More sharing options...
hostbob Posted October 7, 2012 Report Share Posted October 7, 2012 Nice TUT bro.Webdavscrawler is not working on my system, i tried with win2003/win2008 when i open it, it says somekind error 'Object does not support properly or method replace'you have anyother option i could get this?Thanls **There's no knowledge where there's no knowledge** Quote Link to comment Share on other sites More sharing options...
hostbob Posted October 7, 2012 Report Share Posted October 7, 2012 Nice TUT bro.Webdavscrawler is not working on my system, i tried with win2003/win2008 when i open it, it says somekind error 'Object does not support properly or method replace'you have anyother option i could get this?Thanks **There's no knowledge where there's no knowledge** Quote Link to comment Share on other sites More sharing options...
exccc Posted October 8, 2012 Report Share Posted October 8, 2012 nice tut bro thnxx Quote Link to comment Share on other sites More sharing options...
