ISOWAREZ RELEASE
By KINGCOPE - YEAR 2012
-== Apache Tomcat Remote Exploit and Account Scanner ==-
the modified pnscan scanner utility scans a range of IPs to find open apache tomcat servers by trying the following login access combinations:
tomcat:tomcat
password:password
admin:admin
admin:password
admin:<nopassword>
tomcat:<nopassword>
the included perl script can be used to unlock apache tomcat servers
remotely by using the collected login combinations.
it will retrieve either a root or SYSTEM reverse shell depending on
the operating system
or the equivalent of a reverse shell as the current user tomcat is running as.
the exploit might contain metasploit logic (thanks to jduck).
Enjoy :>
/Kingcope
http://www.youtube.com/watch?v=_0wgBHDv3UQ
We are waiting days and nights
for a wind to blow
in this land that has been burnt
and we never get relief
We are waiting days and nights
for the light of that day
that will bring to everyone
relief and an end to the pain, to the war, to the occupation