By default, Tomcat uses TCP port 8080 and has its manager application in /manager/html. That application uses basic HTTP authentication. Metasploit's auxiliary module we just used (tomcat_mgr_login) has some configuration options worth mentioning here:
- BLANK_PASSWORDS: Adds a test with a blank password for every user tried
- PASSWORD: Useful if we want to test a single password with multiple users or to add a specific one not included in the list
- PASS_FILE: The password list we will use for the test
- Proxies: If we need to go through a proxy to reach our target, or to avoid detection, this is the option we need to configure
- RHOSTS: The host, hosts (separated by spaces), or file with hosts (file: /path/to/file/with/hosts) we ...