/manage, but if you didn't know that already, you can find that using gobuster:
tomcat:s3cret from that list gives us access
.war files to the server, we can generate a reverse shell with msfvenom:
tunip is a handy bash alias I use to get my current IP address for Hack The Box. It is set to ifconfig tun0 | sed -n '2 p' | awk '{print \$2}' in my ~/.bash_aliases
/tmp)
nt authority/system in this case, so we now have full access to the system and are able to read the user and root flags: