Penetration Testing mailing list archives
Apache Tomcat penetration test
From: a007 <a007 () ixi ru>
Date: Fri, 17 Nov 2006 09:53:12 +0300
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi I am looking for the way to penetrate Apache Tomcat server. Does anybody know useful link on this? There is not much information on Web. I need to analyze Apache Tomcat Apache Tomcat/5.5.17 server. After URI manipulation I've found some server debug messages like this: HTTP Status 500 - java.lang.NoSuchMethodException: partners.service.PartnersService.getLink(javax.servlet.http.HttpServletRequest) at java.lang.Class.getMethod(Class.java:1581) at web.AjaxService.doGet(AjaxService.java:80) at javax.servlet.http.HttpServlet.service(HttpServlet.java:689) at javax.servlet.http.HttpServlet.service(HttpServlet.java:802) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105) at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:541) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869) at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664) at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527) at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80) at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684) at java.lang.Thread.run(Thread.java:595) Thanks in advance, a007 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFXVxXMoMPiPgGoAcRAqv4AJ9OyDznLWS4lNLkinyVo2pmpQDkvQCfX88z +hDZNLvvi9qDA8k5el4Xwns= =C/+x -----END PGP SIGNATURE----- ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- Apache Tomcat penetration test a007 (Nov 17)
- Re: Apache Tomcat penetration test Danux (Nov 18)
- Re: Apache Tomcat penetration test R. DuFresne (Nov 20)
- Re: Apache Tomcat penetration test Christine Kronberg (Nov 20)
- Re: Apache Tomcat penetration test Danux (Nov 18)