Description: according to official website of tomcat,Apache Tomcat is an open source software implementation of the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed under the Java Community Process.
this video gives you detail explanation of module that attack on tomcat in metasploit. on victim machine metasploitable is running with tomcat service. this can be identified by simple nmap scan. next we search for keyword tomcat. this is done by "search" command in metasploit. the output is a list of exploits related to tomcat. after that we select the exploit and test it.
Tags: Metasploit , Tomcat ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
Hmm, In Metasploitable tomcat version is very old now in tomcat version 6 there is also Directory Traversal Vulnerability available.
metasploitable is used for pentesting lab to learn how to attack. so it contains old vulnerable service. metasploitable version 2 has launched.