Please note that this user is blocked.
Hello folks, good day to you all.
I am pentesting a site which is using Tomcat version 9.0.11. So far I haven't been able to make much progress.
Things I already tried:
1. Tomcat doesn't let you go to protected directories like /manager/html (where you can find an upload page), so I used path traversal (i.e. site.com/..;/protected_dir) to access that directory; more detail about this is mentioned below.
I was able to access that path but it requires authentication. I have tried the default ones but they don't seem to be working.
2. There are some RCE CVEs listed on the Tomcat security notice after 9.0.11 but they have special cases; I have not tried that yet.

Path Traversal (..;/)
In some vulnerable versions of Tomcat you can access protected directories in Tomcat using the path: /..;/
So, for example, you might be able to access the Tomcat manager page by accessing: www.vulnerable.com/lalala/..;/manager/html
Another way to bypass protected paths using this trick is to access http://www.vulnerable.com/;param=value/manager/html
If anyone has any other ideas, I am glad to listen
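
From the defender's side, the `..;/` and `;param=value` requests quoted in the post can be spotted in access logs by comparing the path a literal-matching front-end sees with the path left after path parameters are dropped. This is an added example, not part of the original post; the protected prefixes, the log format, the sample lines and all function names are assumptions, and the path handling only approximates Tomcat's.

```python
import re
from urllib.parse import unquote

# Assumption: the front-end proxy is meant to block these Tomcat admin apps.
PROTECTED = ("/manager", "/host-manager")
REQUEST_RE = re.compile(r'"[A-Z]+ (\S+) HTTP/[\d.]+"')

# Constructed access-log lines (documentation IPs), not taken from a real server.
SAMPLE_LOG = [
    '203.0.113.5 - - [12/Mar/2024:10:01:07 +0000] "GET /lalala/..;/manager/html HTTP/1.1" 401 2473',
    '203.0.113.5 - - [12/Mar/2024:10:01:09 +0000] "GET /;param=value/manager/html HTTP/1.1" 401 2473',
    '198.51.100.7 - - [12/Mar/2024:10:02:30 +0000] "GET /app/index.jsp;jsessionid=ABC123 HTTP/1.1" 200 512',
    '198.51.100.7 - - [12/Mar/2024:10:02:41 +0000] "GET /manager/html HTTP/1.1" 403 0',
]

def resolve(path):
    """Collapse empty, '.' and '..' segments into an absolute path."""
    out = []
    for seg in path.split("/"):
        if seg == "..":
            out = out[:-1]
        elif seg not in ("", "."):
            out.append(seg)
    return "/" + "/".join(out)

def strip_params(path):
    """Remove ';name=value' path parameters from every segment."""
    return "/".join(seg.split(";", 1)[0] for seg in path.split("/"))

def is_protected(path):
    return any(path == p or path.startswith(p + "/") for p in PROTECTED)

def bypass_target(log_line):
    """Return the protected path reached behind the proxy's literal view, else None."""
    m = REQUEST_RE.search(log_line)
    if not m:
        return None
    raw = m.group(1).split("?", 1)[0]
    proxy_view = resolve(unquote(raw))                 # ';' kept as literal text
    tomcat_view = resolve(unquote(strip_params(raw)))  # parameters dropped first
    if is_protected(tomcat_view) and not is_protected(proxy_view):
        return tomcat_view
    return None

def scan(lines):
    hits = ((line.split()[0], bypass_target(line)) for line in lines)
    return [(ip, path) for ip, path in hits if path]

if __name__ == "__main__":
    print(scan(SAMPLE_LOG))
```

Ordinary `;jsessionid=` requests and direct hits on `/manager/html` are not flagged, because both views agree on whether the path is protected.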