Exploiting Http put Method

PUT method was initially expected as one of the HTTP method used for file management operations. If the HTTP PUT method is enabled on the webserver it tends to be utilized to upload a malicious resource to the target server, for example web shell, and execute it.

As this method is used to change or delete the files from the target server’s file system, it often results in arising in various File upload vulnerabilities, leading the way for critical and dangerous attacks. As a best practice, the file access permissions of the organizations’ critical servers should be strictly limited with restricted access to authorized users

Watch this video to understand how this vulnerability can be exploited.

Hope this video helps budding InfoSec enthusiast in honing their skills.

Stay Connected
?Twitter: https://twitter.com/vistainfosec
? Linkedln: https://in.linkedin.com/company/vista...
? Facebook: https://www.facebook.com/vistainfosec/

More Free Resources
Blog: https://www.vistainfosec.com/blog/
Webinars: https:https://www.vistainfosec.com/webinar.php
Videos: https://www.vistainfosec.com/media-videos.php

About Us
Established in 2004, VISTA InfoSec is involved from Day one in providing vendor-neutral consulting services in the areas of Information Risk Compliance and Infrastructure Advisory Services. Vista Infosec most commonly provides advice on SOC 1, SOC 2, PCI DSS, HIPAA, HITRUST, GDPR, ISO 27001. Having offices in Mumbai, Singapore, USA and offering services to clients all over the world.

For more about Vista InfoSec: https://www.vistainfosec.com/
Contact us today: https://www.vistainfosec.com/contact-us.php
Phone Number: +91 99872 44769
Email: [email protected]

0:00 Introduction
0:19 Scanning with Nmap...
0:29 Put Method Enabled...
0:42 Exploiting with Metasploit...
1:26 Setting Remote Host.
1:39 Setting Remote Port.
2:14 Sample
2:43 Setting Parameters.
3:25 Exploiting...