![]() To support these capabilities, Tomcat includes a web application (installed by default on context path /manager) that supports the following functions: In many production environments, it is very useful to have the capability to deploy a new web application, or undeploy an existing one, without having to shut down and restart the entire container. Tomcat ManagerĪ little aside about what Tomcat is and does. If you want to try it yourself, all of the necessary files are in my repo HTB Scripts for Retired Boxes.Īfter running the script, we’re rewarded with a set of valid creds for the server. The code loops over each user, then for each user, it loops over all the possible passwords, trying to login with each combination. ![]() Realistically, we could potentially see some other responses and still have sent a valid login, but for simplicity, we’ll use 200. We can naively assume that any response that is not a 200 means we are unauthorized. The code above makes a GET request to the Tomcat server using Basic Auth. Raise SystemExit # got what we can for, just exit It could definitely be improved, but it has served me well for quite a while.įunction gobust () ') I can then copy and paste that line as a starting point to add whatever other options I need. All it does in that case is spew out my normal defaults to the screen. If I need some less common gobuster options, i run the function with a -h. Gobust 10.10.10.XX /usr/share/wordlists/dirbuster/ The default wordlist can be changed by adding a second argument i.e. It allows me to run gobust 10.10.10.XX and be off doing other things while it scans. You may not have seen the actual function I use. If you’ve read any of my other HTB write-ups, you’ll have probably seen my typical gobuster arguments. Both directories are indicative of a Tomcat deployment. There wasn’t anything interesting aside from /manager and /host-manager.
0 Comments
Leave a Reply. |