Tomcat Detection

By kannthu

Informative
Vidoc Module
#tech #tomcat #apache
Description

What is the "Tomcat Detection" module?

The "Tomcat Detection" module is designed to detect the presence of a Tomcat instance on a target URL. It performs a request for a non-existent resource and analyzes the response to determine if it is a Tomcat error page with version information. This module is used to identify potential misconfigurations or vulnerabilities in Tomcat installations.

This module has an informative severity level, which means it provides valuable information but does not indicate a critical security issue.

Impact

The impact of this module is primarily informational. It helps identify the presence of a Tomcat instance and provides version information, which can be useful for further analysis and assessment of the target system's security posture.

How does the module work?

The "Tomcat Detection" module sends an HTTP GET request to the target URL, specifically targeting a non-existent resource. It then examines the response to determine if it matches the characteristics of a Tomcat error page with version information.

The module uses the following matching conditions:

- The response headers must contain the word "tomcat" (case-insensitive).
- The response body must contain at least one of the following phrases: "apache tomcat", "/manager/html", "/manager/status".

If any of these conditions is met, the module treats the response as a potential indication of a Tomcat instance.

Here is an example of an HTTP request sent by the module:

GET /{randomText}/docs/introduction.html

Please note that the "{randomText}" placeholder is replaced with a randomly generated alphanumeric string during the actual scanning process.
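The matching logic described above, as an added Python example that is not Vidoc's module code: it builds the probe path and evaluates the header and body conditions against three constructed responses, including one whose error page carries no product string. The function names, the `X-Backend` header, the sample bodies and the `Apache Tomcat/<version>` regex are assumptions made for illustration.

```python
import re
import secrets
import string

# Body phrases listed in the module's matching conditions.
BODY_MARKERS = ("apache tomcat", "/manager/html", "/manager/status")

def probe_path(length=8):
    """Path to a resource that should not exist, following the request template."""
    alphabet = string.ascii_letters + string.digits
    rand = "".join(secrets.choice(alphabet) for _ in range(length))
    return f"/{rand}/docs/introduction.html"

def match_tomcat(headers, body):
    """Return the conditions that fired; an empty list means no match."""
    all_headers = "\n".join(f"{k}: {v}" for k, v in headers.items()).lower()
    hits = []
    if "tomcat" in all_headers:           # header condition, case-insensitive
        hits.append("header:tomcat")
    lowered = body.lower()
    hits += [f"body:{m}" for m in BODY_MARKERS if m in lowered]
    return hits

def extract_version(body):
    """Assumption: the error page prints 'Apache Tomcat/<version>'."""
    m = re.search(r"Apache Tomcat/(\d+(?:\.\d+)*)", body)
    return m.group(1) if m else None

# Constructed sample responses (headers, body); not captured from any real host.
DEFAULT_404 = ({"Content-Type": "text/html;charset=utf-8"},
               "<html><body><h1>HTTP Status 404</h1>"
               "<h3>Apache Tomcat/9.0.0</h3></body></html>")
# Error page replaced with one that names no product: nothing to match on.
HARDENED_404 = ({"Content-Type": "text/html"},
                "<html><body><h1>Not Found</h1></body></html>")
# A front-end proxy leaking the backend type in a hypothetical custom header.
PROXY_HEADER = ({"Server": "nginx", "X-Backend": "Tomcat-node-2"}, "Not Found")

if __name__ == "__main__":
    print("probe:", probe_path())
    samples = [("default", DEFAULT_404), ("hardened", HARDENED_404),
               ("proxy", PROXY_HEADER)]
    for name, (hdrs, body) in samples:
        print(name, match_tomcat(hdrs, body), extract_version(body))
```

The third sample shows that a generic error page alone does not prevent a match when any response header still contains the product name.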

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /{%randTextAlphanume.../docs/introduction.h...
Matching conditions
dsl: contains(toLower(all_headers), "tomcat") or
dsl: contains(toLower(body), "apache tomcat")...
Passive global matcher
No matching conditions.
On match action
Report vulnerability