O'Reilly logo

BackTrack 5 Cookbook by David De Smet, Willie Pritchett

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Metasploitable Tomcat

In this recipe, we will explore how to use Metasploit to attack a Tomcat server using the Tomcat Manager Login module. Tomcat, or Apache Tomcat, is an open source web server and servlet container used to run Java Servlets and JavaServer Pages (JSP). The Tomcat server is written in pure Java. We will use Metasploit in order to brute force a Tomcat login.

Getting ready

The following requirements need to be fulfilled:

  • A connection to the internal network is required to complete this recipe
  • Metasploitable running in our hacking lab
  • Word list to perform a dictionary attack

How to do it...

Let's begin the recipe by opening a terminal window:

  1. Open a command prompt.
  2. Launch the MSFCONSOLE:
    msfconsole
    
  3. Search for all available Tomcat modules: ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required