From 3674448b1bd6aafab1e9967e49b947e0156640d3 Mon Sep 17 00:00:00 2001
From: Vishal Gupta <vishal.gupta4081@gmail.com>
Date: Sat, 9 Dec 2017 18:44:15 -0500
Subject: [PATCH] added webdav_scanner.md

---
 .../auxiliary/scanner/http/webdav_scanner.md  | 59 +++++++++++++++++++
 1 file changed, 59 insertions(+)
 create mode 100644 documentation/modules/auxiliary/scanner/http/webdav_scanner.md

diff --git a/documentation/modules/auxiliary/scanner/http/webdav_scanner.md b/documentation/modules/auxiliary/scanner/http/webdav_scanner.md
new file mode 100644
index 0000000000..e38a95bc60
--- /dev/null
+++ b/documentation/modules/auxiliary/scanner/http/webdav_scanner.md
@@ -0,0 +1,59 @@
+## Description
+
+This module scans a server or range of servers and attempts to determine if WebDav is enabled. This allows us to better fine-tune our attacks.
+
+## Verification Steps
+
+1. Do: ```use auxiliary/scanner/http/webdav_scanner```
+2. Do: ```set RHOSTS [IP]```
+3. Do: ```set RPORT [PORT]```
+4. Do: ```run```
+
+The only configuration we need to do is to set our RHOSTS and THREADS values and let the scanner run.
+
+## Scenarios
+
+**Running the scanner**
+
+```
+msf > use auxiliary/scanner/http/webdav_scanner
+msf auxiliary(webdav_scanner) > show options
+
+
+Module options (auxiliary/scanner/http/webdav_scanner):
+
+   Name     Current Setting  Required  Description
+   ----     ---------------  --------  -----------
+   PATH     /                yes       Path to use
+   Proxies                   no        A proxy chain of format type:host:port[,type:host:port][...]
+   RHOSTS                    yes       The target address range or CIDR identifier
+   RPORT    80               yes       The target port (TCP)
+   SSL      false            no        Negotiate SSL/TLS for outgoing connections
+   THREADS  1                yes       The number of concurrent threads
+   VHOST                     no        HTTP server virtual host
+
+
+msf auxiliary(webdav_scanner) > set RHOSTS 192.168.1.200-250
+RHOSTS => 192.168.1.200-250
+msf auxiliary(webdav_scanner) > set THREADS 20
+THREADS => 20
+msf auxiliary(webdav_scanner) > run
+
+[*] 192.168.1.203 (Microsoft-IIS/5.1) has WEBDAV ENABLED
+[*] 192.168.1.209 (Apache/2.0.54 (Linux/SUSE)) WebDAV disabled.
+[*] 192.168.1.208 (Apache/2.0.52 (CentOS)) WebDAV disabled.
+[*] 192.168.1.213 (Apache/2.2.14 (Ubuntu)) WebDAV disabled.
+[*] Scanned 14 of 51 hosts (027% complete)
+[*] 192.168.1.222 (Apache/1.3.23 (Unix)  (Red-Hat/Linux) mod_python/2.7.6 Python/1.5.2 mod_ssl/2.8.7 OpenSSL/0.9.6b DAV/1.0.3 PHP/4.1.2 mod_perl/1.26 mod_throttle/3.1.2) WebDAV disabled.
+[*] 192.168.1.223 (Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1) WebDAV disabled.
+[*] 192.168.1.229 (Microsoft-IIS/6.0) has WEBDAV ENABLED
+[*] 192.168.1.224 (Apache/2.2.4 (Ubuntu) PHP/5.2.3-1ubuntu6) WebDAV disabled.
+[*] 192.168.1.227 (Microsoft-IIS/5.0) has WEBDAV ENABLED
+[*] Scanned 28 of 51 hosts (054% complete)
+[*] 192.168.1.234 (lighttpd/1.4.25) WebDAV disabled.
+[*] 192.168.1.235 (Apache/2.2.3 (CentOS)) WebDAV disabled.
+[*] Scanned 38 of 51 hosts (074% complete)
+[*] Scanned 51 of 51 hosts (100% complete)
+[*] Auxiliary module execution completed
+msf auxiliary(webdav_scanner) >
+```
\ No newline at end of file