From: Lachniet, Mark (mlachniet@sequoianet.com)
Date: Tue Aug 17 2004 - 16:06:53 EDT
Other than the obvious stuff - looking for vulnerable versions and
making unauthenticated WebDAV connections through network neighborhood,
what kind of fun stuff can you do with WebDAV?
I have found a number of simple tools, one that will scan for the
existence of WebDAV on a range of IP addresses, and others that will
test for vulnerable versions. I've also found an Atstake advisory about
enumerating directories that have the index server running and have been
flagged as to be indexed
(www.atstake.com/research/advisories/2000/a100400-1.txt). However, this
isn't much to go on.
Other than this, I am somewhat ignorant about any other pentesting tools
that folks might be using. Are there any tools to enumerate
directories? Brute force authentication? Anything?
Thanks,
Mark Lachniet
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:59 EDT