
Metasploit overflow default password vulnerability of Tomcat console

2025-01-16 Update From: SLTechnology News&Howtos


Shulou(Shulou.com)06/01 Report--

This exercise takes advantage of the default password vulnerability of the Tomcat console to upload the * * file and obtain a webshell on the target host.

After the Tomcat console is installed, the default management account must be changed promptly and weak passwords eliminated. Anyone who logs in successfully can deploy any web application, including a webshell.
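One way to check for the condition described above, as an added example that is not code from the original article: a Python audit of a `conf/tomcat-users.xml` file that flags accounts able to deploy applications whose password is the default named on this page, equals the username, or is short. The sample file, the 12-character threshold and the function name are assumptions.

```python
import xml.etree.ElementTree as ET

# Roles that can deploy web applications through the Tomcat manager.
# "manager" is the single role of older releases; "manager-gui" and
# "manager-script" replaced it in later versions.
DEPLOY_ROLES = {"manager", "manager-gui", "manager-script"}
WEAK_PASSWORDS = {"tomcat"}  # the default named on this page; extend locally
MIN_LENGTH = 12              # assumed policy threshold, not a Tomcat setting

# Constructed sample of conf/tomcat-users.xml (plaintext passwords assumed).
SAMPLE = b"""<?xml version="1.0" encoding="utf-8"?>
<tomcat-users>
  <role rolename="manager"/>
  <user username="tomcat" password="tomcat" roles="tomcat,manager"/>
  <user username="deploy" password="c7Vq-91xLm_2fTzR" roles="manager-script"/>
  <user username="viewer" password="viewer" roles="manager-status"/>
</tomcat-users>"""


def audit_tomcat_users(xml_bytes):
    """Return (username, reasons) for each deploy-capable account with a weak password."""
    findings = []
    for user in ET.fromstring(xml_bytes).iter():
        # Strip an XML namespace, which newer tomcat-users.xml files declare.
        if user.tag.rsplit("}", 1)[-1] != "user":
            continue
        # Older files use name="..." instead of username="...".
        name = user.get("username") or user.get("name") or ""
        password = user.get("password") or ""
        roles = {r.strip() for r in (user.get("roles") or "").split(",")}
        if not roles & DEPLOY_ROLES:
            continue  # account cannot deploy applications
        reasons = []
        if password.lower() == name.lower():
            reasons.append("password equals username")
        if password.lower() in WEAK_PASSWORDS:
            reasons.append("known default password")
        if len(password) < MIN_LENGTH:
            reasons.append("shorter than %d characters" % MIN_LENGTH)
        if reasons:
            findings.append((name, reasons))
    return findings


if __name__ == "__main__":
    for name, reasons in audit_tomcat_users(SAMPLE):
        print("%s: %s" % (name, "; ".join(reasons)))
```

To audit a real installation, pass the bytes of its `conf/tomcat-users.xml`; the length check does not apply if the realm stores digested passwords.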

First, use the nmap tool to scan the target host

1.1 Scan the target host using the nmap command. Right-click an empty area of the desktop and choose "Open in Terminal" from the menu.

1.2 Enter the command `nmap -sV 192.168.1.3` in the terminal to scan the ports of the target host. The scan finds that port 8081 is open and that Apache Tomcat/Coyote JSP engine 1.1 is running.

1.3 Enter `http://192.168.1.3:8180` in the browser address bar to open the Tomcat page, then click "Tomcat Manager" to open the backend management page.

1.4 In the pop-up dialog, enter the default account tomcat and the password tomcat, then click "OK".

1.5 Click the "Browse" button and select the hacker.war file under the directory "/home/".

1.6 Click the "Deploy" button to upload * *, which creates the /hacker directory.

1.7 Enter `http://192.168.1.3:8180/hacker/index.jsp` in the address bar, enter the webshell password "87966550", and log in to the webshell.

1.8 The browser jumps to the home page.
