Webdav is a vulnerability for website long time ago but there still websites that are vulnerable with this. I am sharing this tool for those who don’t know yet about this tool. This tool automatically uploads a asp shell in the webdav vulnerable website. If it’s not vulnerable, the tool will say it’s not vulnerable.
How to use Hmei7 Rootkit?
- Open the rootkit.exe then click menu button WebDav and click “asp shell maker”
- Then you will be prompt into a new window like th eimage below.
3. Click Settings for viewing or putting your own asp shell, you can load the shell from a text file. The image above shows it all already.
4. Click Add Site to add the webdav vulnerable website then click Ok.
5. Lastly, click “Serang !!!” to begin the process of hacking the website which is webdav vulnerable. Anyways, you can know if shell is injected by the report in the left portion of the tool.
Enjoy Webdaving! :3
Credits to Hmei7
(UPDATED AS OF March 27, 2020)
Some WebDav Dorks:
Note: Do not abuse hacking websites, use at your own risk. This is for educational purpose only. Hacking & Defacing websites doesn’t make your famous, it makes you a famewhore.