One way to deface a website that is often used is webdav. The reason is, because the steps are easy, just run via termux then upload the script file to the target site.
The webdav tool that I will use this time is a little different, because it can directly search for live targets from within the tools. In addition, you can also enter the site address directly if there is already a live target.
Webdav is indeed very useful for script kiddie (people who use other people’s scripts) who like to deface. This is because the method only entrusts files to a website without doing any programming. Similar to the process when we upload files to media fire or other online storage.
If likened to, webdav is a shortcut to manage files and folders on a website server. Not all websites, only a few are vulnerable to the webdav algorithm itself.
Alright, now I’m going to show you how to use webdav to deface a termux application.
How to deface a website using webdav in termux
In the termux application you have to install the webdav tools then run it. In addition, you must also enter data as requested by webdav. Here are the steps.
- Open termux application then type pkg install git libcurl bash so that webdav can be executed.
- Install the webdav tools by typing git clone https://github.com/B41B4L/WEBDAV.
- After successfully installed, type cd WEBDAV to open the installation folder.
- Execute the webdav tools by typing sh materi.sh, wait until it’s finished then type sh dev.sh again
- Enter the name of the deface script file then press enter.
- Select the webdav menu, 1 if you don’t have a live target or 2 if you already have one.
- Enter the address of the deface target site.
- Wait until a new site address appears in termux. It’s a successfully defaced page.
To see the results of the defacement, copy the link that appears from the termux process and then access it using a browser.
Or another way is to access the site address/script name. Example https://ABC.com/scku.html.
Remember! In order to deface the webdav method successfully, make sure you target the site with vulnerability status.
From the webdav tool itself, a list of vulnerability sites has been provided. To view it, press the number 1 (first menu) after entering the script name.
Or to get more trial sites, you can read the vuln webdav website. There I have written a list of what sites I indicated were vuln.
Well, that’s the tutorial on using webdav in termux to deface a website. If something is not clear, just ask through the comments column. Thank you.
