Description: In this video I will show you how to exploit Apache Axis2 Web Services.
The exploitation of an issue in an Axis2 Web service and how using this issues it is possible to retrieve arbitrary files. Then using this, we will see how an attacker can retrieve Tomcat users' file to access the Tomcat Manager and gain commands execution on the server.
More Advanced Information: - https://www.pentesterlab.com/axis2_and_tomcat_manager/axis2_and_tomcat_manager.pdf
Vulnerable OS: - https://www.pentesterlab.com/axis2_and_tomcat_manager/axis2_and_tomcat_manager.iso
Tags: hacking , hack , web , application , apache , axis2 , exploitation ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.