From 7b60422bbfde60d7a4acd703f03d2fc8793966b6 Mon Sep 17 00:00:00 2001
From: James Barnett <James_Barnett@rapid7.com>
Date: Thu, 13 Apr 2017 16:52:10 -0500
Subject: [PATCH] Enable WebDAV on Apache.

---
 .../metasploitable/files/apache/dav.conf      | 39 +++++++++++++++++++
 .../metasploitable/recipes/apache.rb          | 28 ++++++++++---
 2 files changed, 61 insertions(+), 6 deletions(-)
 create mode 100644 chef/cookbooks/metasploitable/files/apache/dav.conf

diff --git a/chef/cookbooks/metasploitable/files/apache/dav.conf b/chef/cookbooks/metasploitable/files/apache/dav.conf
new file mode 100644
index 0000000..b6cc580
--- /dev/null
+++ b/chef/cookbooks/metasploitable/files/apache/dav.conf
@@ -0,0 +1,39 @@
+#
+# Distributed authoring and versioning (WebDAV)
+#
+# Required modules: mod_dav, mod_dav_fs, mod_setenvif, mod_alias
+#                   mod_auth_digest, mod_authn_file
+#
+
+# The following example gives DAV write access to a directory called
+# "uploads" under the ServerRoot directory.
+#
+# The User/Group specified in httpd.conf needs to have write permissions
+# on the directory where the DavLockDB is placed and on any directory where
+# "Dav On" is specified.
+
+Alias /uploads "/var/www/uploads"
+
+<Directory "/var/www/uploads">
+    AllowOverride All
+    Dav On
+
+    <Limit GET HEAD POST DELETE OPTIONS PUT>
+        Order Allow,Deny
+        Allow from all
+    </Limit>
+</Directory>
+
+#
+# The following directives disable redirects on non-GET requests for
+# a directory that does not include the trailing slash.  This fixes a
+# problem with several clients that do not appropriately handle
+# redirects for folders with DAV methods.
+#
+BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
+BrowserMatch "MS FrontPage" redirect-carefully
+BrowserMatch "^WebDrive" redirect-carefully
+BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully
+BrowserMatch "^gnome-vfs/1.0" redirect-carefully
+BrowserMatch "^XML Spy" redirect-carefully
+BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully
\ No newline at end of file
diff --git a/chef/cookbooks/metasploitable/recipes/apache.rb b/chef/cookbooks/metasploitable/recipes/apache.rb
index cc938a2..3d3f039 100644
--- a/chef/cookbooks/metasploitable/recipes/apache.rb
+++ b/chef/cookbooks/metasploitable/recipes/apache.rb
@@ -17,6 +17,11 @@ directory '/var/www/cgi-bin' do
   recursive true
 end
 
+directory '/var/www/uploads' do
+  mode '0777'
+  recursive true
+end
+
 cookbook_file '/var/www/cgi-bin/hello_world.sh' do
   source 'apache/hello_world.sh'
   mode '0755'
@@ -27,16 +32,27 @@ cookbook_file '/etc/apache2/conf-available/cgi-bin.conf' do
   mode '0644'
 end
 
-execute 'enable-cgi-mod' do
-  command 'a2enmod cgi'
+cookbook_file '/etc/apache2/conf-available/dav.conf' do
+  source 'apache/dav.conf'
+  mode '0644'
 end
 
-execute 'enable-cgi-bin-conf' do
-  command 'a2enconf cgi-bin'
+bash "configure cgi" do
+  code <<-EOH
+    a2enmod cgi
+    a2enconf cgi-bin
+    a2disconf serve-cgi-bin
+  EOH
 end
 
-execute 'disable-serve-cgi-bin-conf' do
-  command 'a2disconf serve-cgi-bin'
+bash "configure webDAV" do
+  code <<-EOH
+    a2enmod dav
+    a2enmod dav_fs
+    a2enmod dav_lock
+    a2enmod auth_digest
+    a2enconf dav
+  EOH
 end
 
 execute 'make /var/www/html writeable' do