Determine if the WebClient Service (WebDAV) is running on a remote system

Overview

GetWebDAVStatus

Small project to determine if the Web Client service (WebDAV) is running on a remote system by checking for the presence of the DAV RPC SERVICE named pipe. Does not require admin privileges on the remote system, but does require some form of valid credentials (no anonymous access). Both a BOF and C# version of the project are included, the C# version is multi-threaded so would be better suited for scanning a large number of systems.

Usage

Both the BOF and C# versions take a comma-seperated list of systems to scan. The C# version also has an optional arg of "--tc" that allows the operator to control the max amount of threads to be used (default: 5).

BOF: inline-execute C:\scripts\GetWebDAVStatus_x64.o server01,server02

C#: execute-assembly C:\assemblies\GetWebDAVStatus.exe server01,server02 --tc 1

Building

The C# project should be a pretty standard build, x64 + Release is the recommended build configuration. BOF can be built with the following command from the Developer Command Prompt for VS:

cl.exe /c /GS- Source.c /Fo./GetWebDAVStatus_x64.o

Credits

@tifkin_ originally posted about this method of remotely identifying WebDAV here.

Originally heard about the above tweet on @flangvik's twitch stream. Would definitely recommend checking out.

You might also like...
A basic, MQTT integration point service for the Waveshare 8 channel relay board

relayboard-control A basic, MQTT integration point service for the Waveshare 8 channel relay board. This was built specifically for our own home's rel

ServiceLocator - Service Locator Pattern Header-Only Library

Service Locator Very fast, header-only C++ Service Locator Pattern library What is the Service Locator Pattern The Service Locator Pattern is a design

Implements a Windows service (in a DLL) that removes the rounded corners for windows in Windows 11

ep_dwm Implements a Windows service that removes the rounded corners for windows in Windows 11. Tested on Windows 11 build 22000.434. Pre-compiled bin

A line follower simulation created in CoppeliaSim, with a C++ interface for CoppeliaSim's Remote API
A line follower simulation created in CoppeliaSim, with a C++ interface for CoppeliaSim's Remote API

Wall-E-Sim A line follower simulation created in CoppeliaSim, with a C++ interface for CoppeliaSim's Remote API This is a simuation of SRA's Wall-E bo

Remote control for your QMK-powered keyboard

QMK RC QMK RC is a project that aims to bring the same convenience to controlling your QMK keyboard from your computer, as QMK did to programming keyb

PoC for CVE-2021-28476 a guest-to-host
PoC for CVE-2021-28476 a guest-to-host "Hyper-V Remote Code Execution Vulnerability" in vmswitch.sys.

CVE-2021-28476: a guest-to-host "Microsoft Hyper-V Remote Code Execution Vulnerability" in vmswitch.sys. This is a proof of concept for CVE-2021-28476

 TinyRemoteXL - 12-Button IR Remote Control based on ATtiny13A
TinyRemoteXL - 12-Button IR Remote Control based on ATtiny13A

TinyRemoteXL is a 12-button IR remote control based on an ATtiny13A powered by a CR2032 or LIR2032 coin cell battery.

Off The Grid (OTG) Messenger is an easy way for people to communicate through text messages when in remote areas.
Off The Grid (OTG) Messenger is an easy way for people to communicate through text messages when in remote areas.

Off The Grid (OTG) Messenger is an easy way for people to communicate through text messages when in remote areas. With a theoretical transmission range of 10 miles (16kms), OTG messenger can be used by groups of people to stay connected when they are in areas not serviced by mobile connectivity.

Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.
Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.

Cobalt Strike BOF - Inject AMSI Bypass Cobalt Strike Beacon Object File (BOF) that bypasses AMSI in a remote process with code injection. Running inje

Comments
  • GetWebDAVStatus_DotNet

    GetWebDAVStatus_DotNet

    Can the GetWebDAVStatus_DotNet project add support for the ip list method, such as the GetWebDAVStatus.exe 192.168.1.1/24 method, looking forward to your update.

    opened by helloyw 0
Owner
null
Calculator to determine unrealized gains or losses in % and $ form.

Personal-Project-G-L-Calculator in C++ Ryan Ramirez - [email protected] - UNLV Student Calculator to calculate unrealized gains or losses in % a

Ryan Ramirez 1 Oct 19, 2021
Determine date based on days spent

date-based-on-days-spent Determine date based on days spent. Enter the number of days since the beginning of Gregorian calendar to get the date of tha

Amirhossein Aliakbarpour 1 Dec 6, 2021
Einsums in C++ Provides compile-time contraction pattern analysis to determine optimal operation to perform

Einsums in C++ Provides compile-time contraction pattern analysis to determine optimal operation to perform. Examples This will optimize at compile-ti

Justin Turney 14 Dec 15, 2022
New lateral movement technique by abusing Windows Perception Simulation Service to achieve DLL hijacking code execution.

BOF - Lateral movement technique by abusing Windows Perception Simulation Service to achieve DLL hijacking ServiceMove is a POC code for an interestin

Chris Au 190 Nov 14, 2022
This is Script tools from all attack Denial of service by C programming

RemaxDos Paltfrom Attack RemaxDos This is Script tools from all attack Denial of service Remax Box Team !. Features ! Cam overflow Syn Flooding. Smurf

null 7 Sep 11, 2022
Basic Windows Service managment API

SvcManager Basic Windows Service managment API A simple C++ Windows Service management API built my me. To be honest, I havent committed anything in a

Josh S. 4 Sep 8, 2022
This is the repo that hosts the code for Mozilla's translation service

Translation service HTTP service that uses bergamot-translator and compressed neural machine translation models for fast inference on CPU. Running loc

Mozilla 18 Sep 7, 2022
Cloud-native high-performance edge/middle/service proxy

Cloud-native high-performance edge/middle/service proxy Envoy is hosted by the Cloud Native Computing Foundation (CNCF). If you are a company that wan

Envoy Proxy - CNCF 21.2k Jan 9, 2023
An example spatial lookup service. In-memory reverse geocode backed by GEOS.

Spatial Lookup Web Service This GEOS example program demonstrates the use of the STRtree index and PreparedGeometry to create a high-performance in-me

Paul Ramsey 29 Dec 23, 2022