MemDAV

MemDAV

MemDAV is a simple little WebDAV server which reads and writes files to/from memory. It's more or less a wrapper around golang.org/x/net/webdav with a few extra features.

By default only HTTP is served. With -https-addr HTTPS will be served as well.

For legal use only.

Backing Storage

Files can either be served from a directory (with -dir) or from memory (the default).

By default, files will be saved as they are uploaded. Instead of the contents sent by the client, NUL bytes can be written to the saved files with the -no-save flag. This is meant to make running a honepot a little less worrisome.

Requests to delete files (i.e. the DELETE verb) will be honored unless -no-delete is set. This was originally written in response to a DLP solution which prevented exfil over WebDAV by sending DELETE requests after files were PUT on servers on the internet.

Serving a Single File

Instead of serving files which have been uploaded or are in the served directory, a single file can be returned for all GET requests with -serve-file. This is meant to make running a honeypot a little less worrisome. Originally it was written to demonstrate that file paths and file content aren't necessarily related. Silly blue team...

Authentication

HTTP Basic Authentication can be required with the -username and -password flags. This provide a modicum of security but is, generally speaking, not hugely secure. In particular, timing attacks are possible. Instead of putting creds on the command-line, the username and password can be baked into the compiled binary with something like

go build -ldflags="-X main.defaultUser=foo -X main.defaultPass=bar"