Kali Linux

ApacheTomcatScanner : A Python Script To Scan For Apache Tomcat Server Vulnerabilities

ApacheTomcatScanner is a python script to scan for Apache Tomcat server vulnerabilities.

Features

  • Multithreaded workers to search for Apache tomcat servers.
  • Multiple target source possible:
    • Retrieving list of computers from a Windows domain through an LDAP query to use them as a list of targets.
    • Reading targets line by line from a file.
    • Reading individual targets (IP/DNS/CIDR) from -tt/--target option.
  • Custom list of ports to test.
  • Tests for /manager/html access and default credentials.
  • List the CVEs of each version with the --list-cves option

Installation

You can now install it from pypi (latest version is ) with this command:

sudo python3 -m pip install apachetomcatscanner

Usage

$ ./ApacheTomcatScanner.py -h
Apache Tomcat Scanner v2.3.2 – by @podalirius_
usage: ApacheTomcatScanner.py [-h] [-v] [–debug] [-C] [-T THREADS] [-s] [–only-http] [–only-https] [–no-check-certificate] [–xlsx XLSX] [–json JSON] [-PI PROXY_IP] [-PP PROXY_PORT] [-rt REQUEST_TIMEOUT] [-tf TARGETS_FILE]
[-tt TARGET] [-tp TARGET_PORTS] [-ad AUTH_DOMAIN] [-ai AUTH_DC_IP] [-au AUTH_USER] [-ap AUTH_PASSWORD] [-ah AUTH_HASH]
A python script to scan for Apache Tomcat server vulnerabilities.
optional arguments:
-h, –help show this help message and exit
-v, –verbose Verbose mode. (default: False)
–debug Debug mode, for huge verbosity. (default: False)
-C, –list-cves List CVE ids affecting each version found. (default: False)
-T THREADS, –threads THREADS
Number of threads (default: 5)
-s, –servers-only If querying ActiveDirectory, only get servers and not all computer objects. (default: False)
–only-http Scan only with HTTP scheme. (default: False, scanning with both HTTP and HTTPs)
–only-https Scan only with HTTPs scheme. (default: False, scanning with both HTTP and HTTPs)
–no-check-certificate
Do not check certificate. (default: False)
–xlsx XLSX Export results to XLSX
–json JSON Export results to JSON
-PI PROXY_IP, –proxy-ip PROXY_IP
Proxy IP.
-PP PROXY_PORT, –proxy-port PROXY_PORT
Proxy port
-rt REQUEST_TIMEOUT, –request-timeout REQUEST_TIMEOUT
-tf TARGETS_FILE, –targets-file TARGETS_FILE
Path to file containing a line by line list of targets.
-tt TARGET, –target TARGET
Target IP, FQDN or CIDR
-tp TARGET_PORTS, –target-ports TARGET_PORTS
Target ports to scan top search for Apache Tomcat servers.
-ad AUTH_DOMAIN, –auth-domain AUTH_DOMAIN
Windows domain to authenticate to.
-ai AUTH_DC_IP, –auth-dc-ip AUTH_DC_IP
IP of the domain controller.
-au AUTH_USER, –auth-user AUTH_USER
Username of the domain account.
-ap AUTH_PASSWORD, –auth-password AUTH_PASSWORD
Password of the domain account.
-ah AUTH_HASH, –auth-hash AUTH_HASH
LM:NT hashes to pass the hash for this user.

Example

You can also list the CVEs of each version with the --list-cves option:

Download
R K

Leave a Comment
Share
Published by
R K
Tags: ApacheTomcatScannerPython Script
4 years ago

Recent Posts

How EDR Killers Bypass Security Tools

Endpoint Detection and Response (EDR) solutions have become a cornerstone of modern cybersecurity, designed to…

11 hours ago

AI-Generated Malware Campaign Scales Threats Through Vibe Coding Techniques

A large-scale malware campaign leveraging AI-assisted development techniques has been uncovered, revealing how attackers are…

11 hours ago

How Does a Firewall Work Step by Step

How Does a Firewall Work Step by Step? What Is a Firewall and How Does…

16 hours ago

Fake VPN Download Trap Can Steal Your Work Login in Minutes

People trying to securely connect to work are being tricked into doing the exact opposite.…

2 days ago

This Android Bug Can Crack Your Lock Screen in 60 Seconds

A newly disclosed Android vulnerability is making noise for a good reason. Researchers showed that…

5 days ago

How to Fix MyISAM Table Corruption in MySQL?

In MySQL Server 5.5 and earlier versions, the MyISAM was the default storage engine. So,…

7 days ago