Persecure : my learning archive

HTB Jerry

Run nmap scan to find for open ports.

An Apache webserver is open on port 8080.

Found default credentials which exploring the Host Manager.

Start up metasploit and search for apache tomcat exploits

Use the Apache Tomcat Manager Authenticated Upload Code Execution exploit

Set the following options.

Run the exploit and a session is gained.

Change directory to administrator and desktop and a flags folder is found.

Both flags are found.