Apache Tomcat Remote Exploit (PUT Request) and Account Scanner

SUBMITTED BY: Guest

DATE: Nov. 25, 2013, 9:03 p.m.

FORMAT: Text only

SIZE: 917 Bytes

Raw Download

HITS: 2218

Report
  1. Apache Tomcat Remote Exploit (PUT Request) aISOWAREZ RELEASE
  2. By KINGCOPE - YEAR 2012
  4. -== Apache Tomcat Remote Exploit and Account Scanner ==-
  6. the modified pnscan scanner utility scans a range of IPs to find open
  7. apache tomcat servers
  8. by trying the following login access combinations:
  10. tomcat:tomcat
  11. password:password
  12. admin:admin
  13. admin:password
  14. admin:<nopassword>
  15. tomcat:<nopassword>
  17. the included perl script can be used to unlock apache tomcat servers
  18. remotely by using the collected login combinations.
  19. it will retrieve either a root or SYSTEM reverse shell depending on
  20. the operating system
  21. or the equivalent of a reverse shell as the current user tomcat is running as.
  22. the exploit might contain metasploit logic (thanks to jduck).
  24. Enjoy :>
  26. /Kingcope
  28. http://www.exploit-db.com/sploits/tomcat-remote.zipnd Account Scanner
comments powered by Disqus