Security Basics mailing list archives

WebDAV and nmap.

From: la_bigmac () hotmail com
Date: Mon, 18 May 2009 06:27:41 -0600

Hello,

I would like to scan my networks to find any IIS6 servers that currently have WebDAV inuse. Looks like webDAV has 
issues again allowing for authentication bypass... 

Would the nmap scripting engine be a good tool to automate this? Does anyone already have an .nse to look at and 
inspect a http response? Or sample scrips that I could adapt.

I can find the IIS6 servers using a version scan its the webDAV support I am stuck on.. 

Any help would be great. 

Mat.

------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most 
concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. Gain 
a laser like insight into what is covered on the exam, with zero fluff! 

http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html
------------------------------------------------------------------------

Current thread:

WebDAV and nmap. la_bigmac (May 18)
- Re: WebDAV and nmap. [NC] Reda-Karim FAKHIR (May 19)
- RE: WebDAV and nmap. Rafael Torrales Levaggi (May 19)
- RE: WebDAV and nmap. Jeremi Gosney (May 19)
- Re: WebDAV and nmap. Ron (May 20)
- <Possible follow-ups>
- Re: WebDAV and nmap. Not_in (May 19)
- Re: WebDAV and nmap. la_bigmac (May 19)
- Re: WebDAV and nmap. kennedyd013 (May 19)