# WebDav

WebDAV (Web Distributed Authoring and Versioning) is a **protocol** that extends the HTTP protocol, allowing users to **collaboratively author and manage files** on a web server, enabling actions like creating, editing, moving, and deleting files remotely.

An HTTP server with WebDav enabled **might require valid credentials** to perform file operations, such as creating, deleting or editing files. The credentials are most probably requested via **HTTP Basic Authentication**.

{% hint style="success" %}
**Notice: You will need to use the HTTP PUT, DELETE and MOVE verbs to upload, delete and move files, respectively.**
{% endhint %}

{% hint style="warning" %}
**Sometimes, the WebDav instance might be configured to deny any file upload using specific file extensions. If this configuration is not properly set, you might be able to subvert it by uploading the file with any other accepted extension, and then using a move (rename) operation or a copy operation.**
{% endhint %}

***

## IIS5/6 WebDav Extension Bypass

In this specific setting, the WebDav instance won't allow uploading or renaming files with the `.asp` extension, but you can bypass this restriction by uploading the file as a `.txt` file and then copying/moving it to a `.asp;.txt` file. (Notice that the `;` is required, as it is what makes the bypass work.)
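
Detection logic for the two bypasses described above (upload under an accepted extension, then MOVE/COPY to a blocked one, including the IIS5/6 `.asp;.txt` form). This is an added example, not part of the original notes; the log format (an Apache access log with `%{Destination}i` appended), the `SCRIPT_EXTS` set, the function names and the sample lines are assumptions constructed for illustration.

```python
import posixpath
import re
from urllib.parse import unquote, urlsplit

# Assumed Apache LogFormat: "%h %l %u %t \"%r\" %>s %b \"%{Destination}i\""
LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<path>\S+) '
                     r'[^"]*" (?P<status>\d{3}) \S+ "(?P<dest>[^"]*)"$')
# Assumed set of extensions the server hands to a script engine.
SCRIPT_EXTS = {".asp", ".aspx", ".php", ".jsp", ".cgi"}

def last_segment(url_or_path):
    """Decoded, lower-cased final path segment of a URL or path."""
    return posixpath.basename(unquote(urlsplit(url_or_path).path)).lower()

def rename_risk(source, dest):
    """Reason string if a MOVE/COPY gives the file a script extension, else None."""
    src_name, dst_name = last_segment(source), last_segment(dest)
    # IIS5/6 form from the page: script extension followed by ';' (x.asp;.txt)
    head, sep, _ = dst_name.partition(";")
    if sep and posixpath.splitext(head)[1] in SCRIPT_EXTS:
        return "semicolon"
    dst_ext = posixpath.splitext(dst_name)[1]
    if dst_ext in SCRIPT_EXTS and posixpath.splitext(src_name)[1] != dst_ext:
        return "extension-change"
    return None

def scan(lines):
    """Return (ip, method, source, dest_name, status, reason) per flagged request."""
    findings = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m or m["method"] not in ("MOVE", "COPY"):
            continue
        reason = rename_risk(m["path"], m["dest"])
        if reason:  # status is kept so blocked attempts (4xx) stay visible
            findings.append((m["ip"], m["method"], m["path"],
                             last_segment(m["dest"]), int(m["status"]), reason))
    return findings

# Constructed sample lines (documentation IP range, reserved .example host).
SAMPLE_LOG = [
    '192.0.2.5 - alice [12/Mar/2024:10:01:02 +0000] "PUT /dav/notes.txt HTTP/1.1" 201 0 "-"',
    '192.0.2.5 - alice [12/Mar/2024:10:01:05 +0000] "MOVE /dav/notes.txt HTTP/1.1" 201 0 "http://files.example/dav/notes.asp;.txt"',
    '192.0.2.7 - bob [12/Mar/2024:10:02:00 +0000] "MOVE /dav/report.txt HTTP/1.1" 201 0 "http://files.example/dav/archive/report.txt"',
    '192.0.2.9 - - [12/Mar/2024:10:03:00 +0000] "COPY /dav/img.jpg HTTP/1.1" 201 0 "/dav/img.php"',
    '192.0.2.9 - - [12/Mar/2024:10:04:00 +0000] "COPY /dav/a.txt HTTP/1.1" 403 0 "/dav/a.asp"',
]
if __name__ == "__main__":
    print(*scan(SAMPLE_LOG), sep="\n")
```

The `Destination` request header is not part of the default Apache log formats, so it has to be added to the `LogFormat` before this kind of rename can be seen in the access log.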

***

## Useful Tools

[DavTest](https://github.com/cldrn/davtest): An *automated* tool to perform several checks over the WebDav server

{% code overflow="wrap" %}

```bash
davtest -url http://<IP>
```

{% endcode %}

Be careful when using DavTest, as <mark style="color:red;">**its default configuration is to upload files**</mark> on the dav server!

***

[Cadaver](https://github.com/notroj/cadaver): A tool to connect to the WebDav server via CLI and perform standard WebDav actions *manually*

```bash
cadaver <IP>
```

***

## Finding Credentials inside an Apache Server

If the WebDav instance runs on an Apache server that you have access to, you should look at the sites configured in Apache. You can find these credentials inside the following file:\
`/etc/apache2/sites-enabled/000-default`


