On a recent pen-test engagement we had come across a Tomcat server with default creds. Trying to old tried and true methods with Metasploit did not work to get a shell on the box , which was running proprietary IBM_AIX. The exploit would be successful but no connect-back. Because of the limited time instead of trying to test for egress (and later finding out theres no payloads for metasploit), we tried another method of uploading a JSP .war file to the box that once deployed, enabled us to browse and run commands. Continue reading
Contact Me
Social Media
Categories
-
Recent Posts
RSS Blogroll
- MITRE Launches AI Incident Sharing Initiative
- iPhone 'VoiceOver' Feature Could Read Passwords Aloud
- Insider Threat Damage Balloons as Visibility Gaps Widen
- Microsoft, DOJ Dismantle Russian Hacker Group Star Blizzard
- sup
- Student Loan Breach Exposes 2.5M Records
- Watering Hole Attacks Push ScanBox Keylogger
- Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
- Ransomware Attacks are on the Rise
- Moving to gitlab
Archives
- March 2024
- May 2023
- April 2021
- January 2021
- July 2019
- May 2019
- September 2018
- June 2018
- October 2017
- September 2017
- June 2017
- May 2017
- April 2017
- December 2016
- November 2016
- October 2016
- July 2016
- May 2016
- April 2016
- March 2016
- January 2016
- October 2015
- July 2015
- May 2015
- March 2015
- February 2015
- January 2015
- November 2014
- October 2014
- September 2014
- June 2014
- March 2014
- February 2014
- September 2013
- June 2013
- April 2013
- January 2013
- March 2012
- February 2010
- September 2009