Skip to main content

One post tagged with "Tomcat"

Apache Tomcat is an open-source web server and servlet container developed by the Apache Software Foundation. It provides a platform for running Java-based web applications, and allows developers to deploy and manage complex web applications with ease. Tomcat can be used as a standalone web server or as part of a larger application server environment, and is widely used in enterprise environments due to its scalability, reliability, and flexibility.

View All Tags

HTB | Jerry | Write-Up

· 13 min read

Summary:

We navigate the Hack The Box website, starting by spawning a target machine. Next, we perform reconnaissance on the target to gather initial information. We identify a running webserver and proceed with directory enumeration using gobuster to uncover hidden directories. After discovering a server status login page with default credentials, we log in to gain access to the Manager App website.

Analyzing this app further, we collect the necessary credentials to log in and then identify a file upload vulnerability on the website. We create a malicious payload using msfvenom, which we use to upload and execute a reverse shell on the target machine. With a stable shell established at system level access, we proceed to grab both the user flag and root flag, ultimately achieving System Own status.

Machine Name: Jerry | Difficulty: Easy | OS: Windows