The IP [10.129.91.241].
Check if the host is alive and responding to your ICMP protocol.
An nmap scan (namp -sS -sC IPAddress).
Open port 8080 and running Apache Tomcat/7.0.88.
Open a browser and input the ip address with port.
As per running a dirb tool. A directory called “/manager” found and there is a credential where visible or disclosed.
user=tomcat
password=s3cret
Once successfully logged in there are applications can be observed running and war file can be upload from below of the list of applications.
Creating a custom payload via msfvenom.
LHOST = tun0
LPOR = Choose your port
Open a netcat listener and open the war file on the list of applications.
Successfully connected to the jerry machine and find the flags moving forward.
Here are the user and root txt.
