Hackthebox — Jerry

The IP [10.129.91.241].

Check if the host is alive and responding to your ICMP protocol.

An nmap scan (namp -sS -sC IPAddress).

Open port 8080 and running Apache Tomcat/7.0.88.

Open a browser and input the ip address with port.

As per running a dirb tool. A directory called “/manager” found and there is a credential where visible or disclosed.

user=tomcat

password=s3cret

Once successfully logged in there are applications can be observed running and war file can be upload from below of the list of applications.

Creating a custom payload via msfvenom.

LHOST = tun0

LPOR = Choose your port

Open a netcat listener and open the war file on the list of applications.

Successfully connected to the jerry machine and find the flags moving forward.

Here are the user and root txt.