openkylin
/
openkylin-exploit-db
mirror of https://gitee.com/openkylin/openkylin-exploit-db.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

Fix uncorrect image path

This commit is contained in:
李海花 2023-03-14 20:31:28 +08:00 committed by Re3et
parent 3923503b28
commit b88d23a1bf
1 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
cve/apache-tomcat/2020/CVE-2020-1938/README.md
View File

@ -23,13 +23,13 @@ Tools: Kali-linux 64 bit Virtual Machine, Tomcat-8.5.32, JRE8 environment.
the command of docker installation: `apt install docker.io`
[![search image](README.assets/search image.png)](https://github.com/Siyang9065/img/blob/main/search image.png?raw=true)
[![search image](img/search image.png)](https://github.com/Siyang9065/img/blob/main/search image.png?raw=true)
1. Pull image of tomcat and load it to local virtual machine.
command: `docker search duonghuuphuc/tomcat-8.5.32`
[![pull image](README.assets/pull image.png)](https://github.com/Siyang9065/img/blob/main/pull image.png?raw=true)
[![pull image](img/pull image.png)](https://github.com/Siyang9065/img/blob/main/pull image.png?raw=true)
1. Run ports 8080 and 8009 after create the container of this image.
@ -41,17 +41,17 @@ Tools: Kali-linux 64 bit Virtual Machine, Tomcat-8.5.32, JRE8 environment.
--name: specify the name of container.
[![run ports](README.assets/run tomcat.png)](https://github.com/Siyang9065/img/blob/main/run tomcat.png?raw=true)
[![run ports](img/run tomcat.png)](https://github.com/Siyang9065/img/blob/main/run tomcat.png?raw=true)
1. Use the tool Nmap[6] to scan whether the ports 8080 and 8009 of the local IP address are open.
command: `nmap <IP address>`
[![check ports](README.assets/check ports.png)](https://github.com/Siyang9065/img/blob/main/check ports.png?raw=true)
[![check ports](img/check ports.png)](https://github.com/Siyang9065/img/blob/main/check ports.png?raw=true)
1. Check if the Tomcat environment is working properly in web browser.
[![run tomcat](README.assets/tomcat-8.5.32.png)](https://github.com/Siyang9065/img/blob/main/tomcat-8.5.32.png?raw=true)
[![run tomcat](img/tomcat-8.5.32.png)](https://github.com/Siyang9065/img/blob/main/tomcat-8.5.32.png?raw=true)
1. Run python vulnerability script in the host port 8009 to read files which are in the webapp directory.
@ -61,8 +61,8 @@ Tools: Kali-linux 64 bit Virtual Machine, Tomcat-8.5.32, JRE8 environment.
-f: specify the location of the file to be read
[![exploit script](README.assets/exploit script.png)](https://github.com/Siyang9065/img/blob/main/exploit script.png?raw=true)
[![exploit script](img/exploit script.png)](https://github.com/Siyang9065/img/blob/main/exploit script.png?raw=true)
[![read web file](README.assets/read files.png)](https://github.com/Siyang9065/img/blob/main/read files.png?raw=true)
[![read web file](img/read files.png)](https://github.com/Siyang9065/img/blob/main/read files.png?raw=true)
[![read index file](README.assets/read index file.png)](https://github.com/Siyang9065/img/blob/main/read index file.png?raw=true)
[![read index file](img/read index file.png)](https://github.com/Siyang9065/img/blob/main/read index file.png?raw=true)