Tomcat
Last updated
Was this helpful?
Last updated
Was this helpful?
Tomcat is like a secondary service usually runs on port 8080
Create a malicious .war file deploy it and obtain reverse shell
Once deployed make a request to http://targeturi:8080/shell
to obtain the reverse shell
Whenever there is no GUI, the malicious war file can be still uploaded and deployed which will lead to obtaining a reverse shell