🐱Jerry
start with a nmap:
We find a tomcat page:
we see the manager page button, that asks us for credentials, we do admin/admin and end up on this page
we see some credentials here that seem to be an example but who knows
i open up a private navigation shell and try to connect with those creds and it works
while looking around we see this:
While looking for .War reverse shell:
and we got a shell:
Last updated