Tomcat
Tomcat is like a secondary service usually runs on port 8080
Intresting Endpoints
Important Files
Exploitation
Create a malicious .war file deploy it and obtain reverse shell
Once deployed make a request to
http://targeturi:8080/shell
to obtain the reverse shell
NO-GUI
Whenever there is no GUI, the malicious war file can be still uploaded and deployed which will lead to obtaining a reverse shell
Last updated