So I’m working on an Internal Penetration Test currently against a financial institution. Surprisingly I didn’t find any Apache Tomcat default installations (Tomcat Manager –> deploy meterpreter as a war file)
I didn’t find really any of the usual low hanging fruits.
I did however find an outdated IBM WebSphere Instance that is vulnerable to a Java Deserialization Remote Code execution (RCE).
Guess what, it worked like a charm 😀
Link to more information about the module is HERE
Read all the entries in this series!