tomcat aux module do not execute
thsle3p opened this issue · comments
When the argument for a aux module is specified to clusterd it goes about fingerprinting the target server but does not execute the aux module example:
./clusterd.py -i [ip] -p 8080 -a tomcat --tc-ofetch
clusterd/0.3.1 - clustered attack toolkit
[Supporting 7 platforms]
[2014-07-23 02:49PM] Started at 2014-07-23 02:49PM
[2014-07-23 02:49PM] Servers' OS hinted at windows
[2014-07-23 02:49PM] Fingerprinting host '[ip]'
[2014-07-23 02:49PM] Server hinted at 'tomcat'
[2014-07-23 02:49PM] Checking tomcat version 3.3 Tomcat...
[2014-07-23 02:49PM] Checking tomcat version 3.3 Tomcat Admin...
[2014-07-23 02:49PM] Checking tomcat version 4.0 Tomcat...
[2014-07-23 02:49PM] Checking tomcat version 4.1 Tomcat...
[2014-07-23 02:49PM] Checking tomcat version 4.1 Tomcat Manager...
[2014-07-23 02:49PM] Checking tomcat version 4.0 Tomcat Manager...
[2014-07-23 02:49PM] Checking tomcat version 5.0 Tomcat...
[2014-07-23 02:49PM] Checking tomcat version 5.5 Tomcat...
[2014-07-23 02:49PM] Checking tomcat version 5.5 Tomcat Manager...
[2014-07-23 02:49PM] Checking tomcat version 5.0 Tomcat Manager...
[2014-07-23 02:49PM] Checking tomcat version 6.0 Tomcat...
[2014-07-23 02:49PM] Checking tomcat version 6.0 Tomcat Manager...
[2014-07-23 02:49PM] Checking tomcat version 7.0 Tomcat...
[2014-07-23 02:49PM] Checking tomcat version 7.0 Tomcat Manager...
[2014-07-23 02:49PM] Checking tomcat version 8.0 Tomcat...
[2014-07-23 02:49PM] Checking tomcat version 8.0 Tomcat Manager...
[2014-07-23 02:49PM] Matched 1 fingerprints for service tomcat
[2014-07-23 02:49PM] Tomcat (version 5.0)
[2014-07-23 02:49PM] Fingerprinting completed.
[2014-07-23 02:49PM] Finished at 2014-07-23 02:49PM
Notice that the tomcat credential fetcher did not execute
Your output there would suggest Tomcat 5.0 as the remote server; the module you're trying to run, --tc-ofetch
, only works against version 3.3. You can check versioning information of auxiliary modules by running ./clusterd.py --aux-list
Doh! Missed that.
On Wed, 2014-07-23 at 14:09 -0700, bryan alexander wrote:
Your output there would suggest Tomcat 5.0 as the remote server; the
module you're trying to run, --tc-ofetch, only works against version
3.3. You can check versioning information of auxiliary modules by
running ./clusterd.py --aux-list—
Reply to this email directly or view it on GitHub.