Shulou(Shulou.com)06/01 Report--

Today, I will talk to you about how to parse the Apache Tomcat file containing the recurrence of CVE-2020-1938 vulnerabilities, which may not be well understood by many people. In order to make you understand better, the editor has summarized the following contents for you. I hope you can get something according to this article.

About 0x01 Tomcat server is a free and open source Web application server, which is a lightweight application server. It is widely used in small and medium-sized systems and not many concurrent access users. It is the first choice for developing and debugging JSP programs.

Overview of 0x02 vulnerabilities

Due to a file inclusion flaw in the AJP service (port 8009) enabled by Tomcat by default, an attacker can construct a malicious request packet for file inclusion operation to read the Web directory file on the affected Tomcat server.

0x03 affects version

Apache Tomcat 6

Apache Tomcat 7 < 7.0.100

Apache Tomcat 8 < 8.5.51

Apache Tomcat 9 < 9.0.31

0x04 environment building

Reply "Tomcat installation package" in the official account to get the installation package. First of all, make sure that the Java environment is installed.

Extract the tomcat file to the folder you want to install, enter the bin folder in the folder, use the cmd command to execute the startup.bat file, and the loading interface appears. After loading, the browser accesses the http://localhost:8080 interface successfully, which means that the tomcat installation is successful.

Recurrence of 0x05 vulnerabilities

Start the apache tamcat service first

The port scan found that port 8009 # 8080 is open, which proves that there is this loophole.

Download address of Poc1:

Https://github.com/0nise/CVE-2020-1938

Download address of Poc2:

Https://github.com/YDHCUI/CNVD-2020-10487-Tomcat-Ajp-lfi

After downloading, go to the folder and execute the cmd command and add the URL parameter. Poc is the py2 environment. The command is python. / CNVD-2020-10487-Tomcat-Ajp-lfi.py local ip-p 8009-f WEB-INF/web.xml

After successful execution, you can see that the file has been accessed successfully.

0x06 repair mode

1. Temporarily disable the AJP protocol port, comment out 2 in the conf/server.xml configuration file, configure the secretRequired and secret attributes in the ajp configuration to restrict authentication 3. Official download the latest version download address: https://tomcat.apache.org/download-70.cgihttps://tomcat.apache.org/download-80.cgihttps://tomcat.apache.org/download-90.cgi4, Github download: https://github.com/apache/tomcat/releases read the above content Do you know more about how to parse Apache Tomcat files that contain CVE-2020-1938 vulnerabilities? If you want to know more knowledge or related content, please follow the industry information channel, thank you for your support.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.