By kannthu
The "Tomcat Detection" module is designed to detect the presence of a Tomcat instance on a target URL. It performs a request for a non-existent resource and analyzes the response to determine if it is a Tomcat error page with version information. This module is used to identify potential misconfigurations or vulnerabilities in Tomcat installations.
This module has an informative severity level, which means it provides valuable information but does not indicate a critical security issue.
The impact of this module is primarily informational. It helps identify the presence of a Tomcat instance and provides version information, which can be useful for further analysis and assessment of the target system's security posture.
The "Tomcat Detection" module sends an HTTP GET request to the target URL, specifically targeting a non-existent resource. It then examines the response to determine if it matches the characteristics of a Tomcat error page with version information.
The module uses the following matching conditions:
- The response headers must contain the word "tomcat" (case-insensitive).
- The response body must contain at least one of the following phrases: "apache tomcat", "/manager/html", "/manager/status".
If any of these conditions are met, the module considers the response as a potential indication of a Tomcat instance.
Here is an example of an HTTP request sent by the module:
GET /{randomText}/docs/introduction.html
Please note that the "{randomText}" placeholder is replaced with a randomly generated alphanumeric string during the actual scanning process.
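The matching conditions described above can be run against your own servers' error responses to see whether they would be fingerprinted. The following is an added example, not the module's own code: the function names, the case-insensitive body match, the "Apache Tomcat/<version>" pattern and all sample responses are assumptions made for illustration.

```python
import re

# Body phrases listed on the page; matching them case-insensitively is an assumption.
BODY_PHRASES = ("apache tomcat", "/manager/html", "/manager/status")
# Assumption: the error page prints the version as "Apache Tomcat/<x.y.z>".
VERSION_RE = re.compile(r"apache tomcat/(\d+(?:\.\d+)+)", re.IGNORECASE)


def match_tomcat(headers, body):
    """Return (matched, reasons, version) for one HTTP response.

    matched is True if ANY condition holds, as the page describes.
    """
    reasons = []
    header_text = "\n".join(f"{k}: {v}" for k, v in headers.items()).lower()
    if "tomcat" in header_text:
        reasons.append("header:tomcat")
    body_lower = body.lower()
    reasons += [f"body:{p}" for p in BODY_PHRASES if p in body_lower]
    found = VERSION_RE.search(body)
    return bool(reasons), reasons, found.group(1) if found else None


# Constructed sample responses (headers, body); not captured from a real server.
SAMPLES = {
    "default_404": ({"Content-Type": "text/html;charset=utf-8"},
                    "<h1>HTTP Status 404 - Not Found</h1><hr/>"
                    "<h3>Apache Tomcat/9.9.9</h3>"),  # 9.9.9 is a made-up version
    # Same page with the version banner suppressed, e.g. via the
    # ErrorReportValve attribute showServerInfo="false".
    "hardened_404": ({"Content-Type": "text/html;charset=utf-8"},
                     "<h1>HTTP Status 404 - Not Found</h1>"),
    "header_only": ({"Server": "Example-Tomcat-Frontend"}, "Not Found"),
    "other_server": ({"Server": "nginx"}, "<h1>404 Not Found</h1>"),
}


def audit(samples=SAMPLES):
    """Map each sample name to its match result."""
    return {name: match_tomcat(h, b) for name, (h, b) in samples.items()}


if __name__ == "__main__":
    for name, (matched, reasons, version) in audit().items():
        print(f"{name:13} matched={matched} reasons={reasons} version={version}")
```

The hardened sample no longer matches any condition, which is the result to aim for on production error pages.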