-
Enumeration Mandatory Check on the HTTP port 8080 if /manager is accessible (default credentials: tomcat / s3cret or admin / admin). If yes, upload a reverse shell WAR file. Optional Try to brute-force with msf> use scanner/http/tomcat_mgr_login.
-
Overview Tomcat usually listens on the following ports: 8080 — HTTP 8005 — Port for shutting down the Tomcat server; not interesting here 8009 — Same functions as the HTTP port, but via the Apache JServ protocol AJP. AJP is basically HTTP in a compressed/binary form. Checklist Check if /manager is accessible. Default credentials are tomcat / s3cret or…