March 25, 2017 Karn Ganeshen

Metasploitable – Exploiting webdav

root@kali:~# davtest

Run davtest with the target url/directory.

So, we can make new directories, and upload & execute .txt, .html, and .php files.

Let’s generate a php webshell.

Upload the webshell.

Set up metasploit multi/handler first and then access evilshell.php

 

 

Tagged: ,

Leave a Reply

Your email address will not be published. Required fields are marked *