Apache-Tomcat-MongoDB-Remote-Code-Execution

0x01 Add the following JARs to the /lib directory of Tomcat Server.

mongo-java-driver-3.10.2.jar
mongo-store-3.0.0.jar
Mongo-Tomcat-Sessions.jar

0x02 Modify the configuration file `conf/context.xml`,and then append the following configuration,at last start both Tomcat Server and MongoDB Server.

<Valve className="com.dawsonsystems.session.MongoSessionTrackerValve"/>
<Manager className="com.dawsonsystems.session.MongoManager" 
         host="127.0.0.1" 
         port="27017" 
         database="sessions" 
         maxInactiveInterval="84"/>

0x03 Send the request with PoC, when users login the website again, and RCE will happen.

0x04 start Tomcat Server, when users login the website, their login sessions will be stored in MongoDB Server, as you know, there are so many unauthorized MongoDB Servers on the Internet, just search them by Shodan :)

Name		Name	Last commit message	Last commit date
Latest commit History 17 Commits
EvilMongodbClient.java		EvilMongodbClient.java
Mongo-Tomcat-Sessions.jar		Mongo-Tomcat-Sessions.jar
README.md		README.md
mongo-java-driver-3.10.2.jar		mongo-java-driver-3.10.2.jar
mongo-store-3.0.0.jar		mongo-store-3.0.0.jar
shodan.png		shodan.png
tomcat-mongo.gif		tomcat-mongo.gif

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Apache-Tomcat-MongoDB-Remote-Code-Execution

0x01 Add the following JARs to the /lib directory of Tomcat Server.

0x02 Modify the configuration file `conf/context.xml`,and then append the following configuration,at last start both Tomcat Server and MongoDB Server.

0x03 Send the request with PoC, when users login the website again, and RCE will happen.

0x04 start Tomcat Server, when users login the website, their login sessions will be stored in MongoDB Server, as you know, there are so many unauthorized MongoDB Servers on the Internet, just search them by Shodan :)

About

Releases

Packages

Languages

pyn3rd/Apache-Tomcat-MongoDB-Remote-Code-Execution

Folders and files

Latest commit

History

Repository files navigation

Apache-Tomcat-MongoDB-Remote-Code-Execution

0x01 Add the following JARs to the /lib directory of Tomcat Server.

0x02 Modify the configuration file conf/context.xml,and then append the following configuration,at last start both Tomcat Server and MongoDB Server.

0x03 Send the request with PoC, when users login the website again, and RCE will happen.

0x04 start Tomcat Server, when users login the website, their login sessions will be stored in MongoDB Server, as you know, there are so many unauthorized MongoDB Servers on the Internet, just search them by Shodan :)

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

0x02 Modify the configuration file `conf/context.xml`,and then append the following configuration,at last start both Tomcat Server and MongoDB Server.

Packages