Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/pyn3rd/Apache-Tomcat-Redis-Remote-Code-Execution
Apache-Tomcat-Redis-Remote-Code-Execution
https://github.com/pyn3rd/Apache-Tomcat-Redis-Remote-Code-Execution
Last synced: 21 days ago
JSON representation
Apache-Tomcat-Redis-Remote-Code-Execution
- Host: GitHub
- URL: https://github.com/pyn3rd/Apache-Tomcat-Redis-Remote-Code-Execution
- Owner: pyn3rd
- Created: 2020-08-03T02:39:52.000Z (over 4 years ago)
- Default Branch: master
- Last Pushed: 2020-08-06T07:47:29.000Z (over 4 years ago)
- Last Synced: 2024-08-05T17:26:47.554Z (4 months ago)
- Language: Java
- Size: 5.66 MB
- Stars: 9
- Watchers: 1
- Forks: 3
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-hacking-lists - pyn3rd/Apache-Tomcat-Redis-Remote-Code-Execution - Apache-Tomcat-Redis-Remote-Code-Execution (Java)
README
# Apache-Tomcat-Redis-Remote-Code-Execution
#### 0x01 Add the following JARs to /lib directory.
```
commons-pool2-2.2.jar
jedis-3.0.0.jar
tomcat8.5-redis-session-manager.jar
```#### 0x02 Modify the configuration file, `` conf/context.xml `` then start Tomcat Server and MongoDB Server.
```
```#### 0x03 Write the Java Serialization Gadget into Redis with the PoC.
#### 0x04 When users login again, there is Remote Code Execution.