On Sep 19, 2012, at 5:02 AM, Ragini wrote: > Hi all, > > For my research work I want to have different attacking scenarios which > exploits vulnerability of JAVA based applications. This java applications can > be just any web-application, desktopapplication or any other. > > For this, I was thinking to exploit vulnerabilities of tomcat itself (because > it is in java). I went through different vulnerabilities of different > versions of tomcat on apache tomcat's official site. They have provided > information about what is the vulnerability and what is its consequences. > > But I am looking for some real time example by which I can exhibit the > exploitation of tomcat’s vulnerability. The version of the tomcat can be just > any. I would like to try vulnerabilities like authentication bypass, > information disclosure or some other which really compromises the security.
Try looking at Metasploit. Dan > Could anybody please suggest some source where I can get step by step > information about exploiting tomcat’s vulnerability with example ? It would > be nice if the example web application used for exploitation is also in java. > > I would really appreciate your any kind of help regarding this. > > Thanks. > > Richa. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org