webdav enabled for Microsoft-IIS/6.0

[shan75]

now i am trying to penetration on Microsoft-IIS/6.0 server with IIS 6.0 WebDav Remote Auth Bypass exploit. but when i am scanning with nmap to see Webdav is enable or not then i have got this error

nmap -n -PN -p80 --script=http-iis-webdav-vuln xxxx.com

Starting Nmap 5.21 ( http://nmap.org ) at 2010-04-16 00:52 India Standard Time
NSE: Script Scanning completed.
Nmap scan report for xxxx.com (xxx.xxx.xxx.xxx)
Host is up (0.34s latency).
PORT STATE SERVICE
80/tcp open http
|_http-iis-webdav-vuln: ERROR: This web server is not supported.

Nmap done: 1 IP address (1 host up) scanned in 24.28 seconds

i know its running Microsoft-IIS/6.0. i don't know what is the problem.

please solve this

[ph0bYx]

Here's your thread: https://suck-o.com/modules.php?name=For ... pic&t=8943

I'm getting tired of this, this is your final warning. Stop posting the same stuff all over the forum!

I've deleted the last identical thread you posted, and I'm going to delete this one tomorrow, giving you plenty of time to read the FINAL warning.

Have a nice day!

[DNR]

"
The WebDAV vulnerability, which was discovered by security researchers at Palo Alto Networks, is due to the lack of proper checks on the URL in a WebDAV request, leading to a bypass on IIS directories. Microsoft IIS versions 5.0-6.0 are affected. The update is rated important. If successfully exploited, it could give an attacker elevated privileges to gain access to sensitive data. "

"Microsoft patched a WebDAV security vulnerability in Microsoft Internet Information Services (IIS) Web server as part of its monthly Patch Tuesday bulletin release. In all, the software giant issued 10 bulletins, six labeled critical in a mammoth release of security fixes addressing 31 vulnerabilities."

Admins are pissed not just at repeat posts, but also dealing with logs from newbies scanning for the WebDAV vuln.

"If you would like to detect for vulnerable endpoints in your network, you can do so with the help of these posts – using a PERL script and using WebTuff. Now, we also learnt of a method with which you can scan your network for the WebDAV vulnerability. Thanks to SkullSecurity.

Please follow these steps before you actually start scanning:

Find the script http.lua. It’ll be in a folder called ‘nselib’; for example, /usr/local/share/nmap/nselib/http.lua. Replace it with this version.
In that folder (nselib), there’s a directory called ‘data’. Put folders.lst in it.
Go up one directory, and there should be a directory called ’scripts’; for example, /usr/local/share/nmap/scripts. Put http-iis-webdav-vuln.nse in it.
Then on, you can run nmap with these command: (note: html code messed up the lines below)

nmap -sV --script=http-iis-webdav-vuln <target>If you want quicker results, run this command:


nmap -p80,8080 --script=http-iis-webdav-vuln <target>If you want to scan for password protected servers, you can run this command:


nmap -p80,8080 --script=http-iis-webdav-vuln --script-args=webdavfolder=secret <target>According to the author, this script relies on finding a password-protected folder, so it won’t be 100% accurate. If you provide a folder name yourself using the webdavfolder argument, you’re going to have a lot more luck. Once it has the name of a real password-protected folder, it’s 100% reliable. The trick is finding one.
"

Start here:
http://pentestit.com/2009/05/27/detect- ... lity-nmap/
then here:
Source: http://www.skullsecurity.org/blog/?p=271
then
http://searchsecurity.techtarget.com/ne ... 96,00.html


DNR

[ayu]

@DNR, imho you shouldn't have helped him since he refuses to read and understand what we tell him. This is the third time he posts this in the wrong category after we told him that it was the wrong one. This is only encouraging for him to continue to ignore us and spam until he gets what he wants.

Also his other thread hasn't been removed, so he could have used that one instead.

But, oh well ...