iExploit

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Apply for Membership

Top Posters

Who's Online (1)

Powered by Vanilla. Made with Bootstrap.
Looking to introduce yourself? Look no further, and click here! We also have IRC! [irc.evilzone.org #iexploit]
R>Some help
  • Herro
    Posts: 56
    So ive been trying to learn web hacking for a few days now and trying it on some 14 years old's private servers etc. so i just fell on this one and i saw there was way more allowed methods then the others i had scanned.
    The URL \"http://randomstory.net/\" has the following allowed methods, which include DAV methods: *, ACL, BASELINE_CONTROL, CHECKIN, CHECKOUT, CONNECT, COPY, DEBUG, GET, HEAD, INDEX, INVALID, INVOKE, LABEL, LINK, LOCK, MERGE, MKACTIVITY, MKCOL, MKDIR, MKWORKSPACE, MOVE, NOTIFY, OPTIONS, PATCH, PIN, POLL, POST, PROPFIND, PROPPATCH, REPLY, REPORT, RMDIR, SEARCH, SHOWMETHOD, SPACEJUMP, SUBSCRIBE, SUBSCRIPTIONS, TEXTSEARCH, TRACE, TRACK, UNCHECKOUT, UNLINK, UNLOCK, UNSUBSCRIBE, VERSION_CONTROL.


    What does that really mean?
  • Xin
    Posts: 3,251
    What scanner are you using? Looks a bit like acunetix, i dont attack the web side using things like acunetix its way to noisy, i would learn the seperate methods and do it manually, such as
    RFI
    LFI
    SQLi
    XSS
    Cookie Injection
    XSRF
    XST
    RCE

    Theres some to start you off, just google them and there will be more than enough info on them


    As for your post it looks like some webdav commands,
    Xin
Add a Comment