Apache Tomcat Deb.Pkg. - Root Privilege Escalation (CVE-2016-1240) - Video PoC Exploit

Video PoC Exploit for Apache Tomcat packaging on Debian-based distros

* CVE-2016-1240 - Apache Tomcat pkg. (Debian-based distros) - Root Privilege Escalation

Discovered by Dawid Golunski Follow @dawid_golunski

https://legalhackers.com

Description:

The video below demonstrates how an attacker using the CVE-2016-1240 vulnerability in Apache Tomcat packaging on Debian-based systems, could escalate their privileges to root user upon gaining access to the system as tomcat user.
In the presented scenario, the attacker gains the local access to tomcat shell by exploiting a pre-existing webapp vulnerability (File Upload) to upload a reverse shell and then proceeds to privilege escalation.

Thanks for watching

To receive updates on this as well as new vulnerabilities Follow @dawid_golunski

~ ExploitBox.io
Interested in security / vulns / exploits ?
Check out the new project of the author of this advisory:

ExploitBox.io
A Playground & Labs for security folks into HACKING &AMp;
the art of exploitation
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

<-- BACK TO legalhackers.com