DAVTest is sponsored by Sunera LLC!Download: Version 1.0 via Google CodeDAVTest tests WebDAV enabled servers by uploading test executable files, and then (optionally) uploading files which allow for command execution or other actions directly on the target. It is meant for penetration testers to quickly and easily determine if enabled DAV services are exploitable.DAVTest supports:
DAVTest enables the pentester to quickly determine if a host is vulnerable and then gain access to that host. DAVTest tries to upload test files of various extension types (e.g., ".php" or ".txt"), checks if those files were uploaded successfully, and then if they can execute on the server. It also allows for uploading of the files as plain text files and then trying to use the MOVE command to rename them to an executable.Assuming you can upload an executable, a test file does you no good--so DAVTest can automatically upload a fully functional shell or back-door. It ships with shells for PHP, ASP, ASPX, CFM, JSP, CGI, and PL, and dropping a file in the right directory will let you upload any back-door you like.