Metasploitable – Exploiting webdav

root@kali:~# davtest

Run davtest with the target url/directory.

So, we can make new directories, and upload & execute .txt, .html, and .php files.

Let’s generate a php webshell.

Upload the webshell.

Set up metasploit multi/handler first and then access evilshell.php



Leave a Reply

Your email address will not be published. Required fields are marked *