Apache Tomcat 7.0.0-7.0.99, 8.5.0-8.5.50, 9.0.0.M1-9.0.0.30 - Remote Code Execution via AJP File Read and JSP Processing
Title source: llm
Exploitation Summary
CVE-2020-1938 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added March 3, 2022.
EIP tracks 48 public exploits from researchers including SunCSR, YDHCUI and 00theway, among them a Metasploit module, auxiliary/admin/http/tomcat_ghostcat.
A Nuclei detection template is also available.
AI-analyzed exploit summary
This Metasploit module exploits CVE-2020-1938 (Ghostcat) in Apache Tomcat by crafting malicious AJP packets to read arbitrary files or execute JSP code. It leverages the AJP protocol's trust model to bypass security restrictions.
Description
When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that may be surprising. In Apache Tomcat 9.0.0.M1 to 9.0.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99, Tomcat shipped with an AJP Connector enabled by default that listened on all configured IP addresses. It was expected (and recommended in the security guide) that this Connector would be disabled if not required.

This vulnerability report identified a mechanism that allowed:
- returning arbitrary files from anywhere in the web application
- processing any file in the web application as a JSP

Further, if the web application allowed file upload and stored those files within the web application (or the attacker was able to control the content of the web application by some other means) then this, along with the ability to process a file as a JSP, made remote code execution possible.

It is important to note that mitigation is only required if an AJP port is accessible to untrusted users. Users wishing to take a defence-in-depth approach and block the vector that permits returning arbitrary files and execution as JSP may upgrade to Apache Tomcat 9.0.31, 8.5.51 or 7.0.100 or later. A number of changes were made to the default AJP Connector configuration in 9.0.31 to harden the default configuration. It is likely that users upgrading to 9.0.31, 8.5.51 or 7.0.100 or later will need to make small changes to their configurations.
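The description above names the weak default (an AJP Connector enabled and bound to every interface) and the hardened default that 9.0.31 introduced, but does not show the configuration itself. The following server.xml fragment is an added example, not taken from the page or from the Tomcat project's files: it places the pre-fix default Connector next to the two mitigations a defender would choose between, disabling the Connector or restricting it to loopback with a shared secret. Port 8009 is the real Tomcat default; the secret value is a placeholder to be replaced, and the choice of 127.0.0.1 as the loopback address is an assumption (an IPv6 deployment would use ::1).

```xml
<!-- Added example: three states of the AJP Connector inside <Service name="Catalina"> in conf/server.xml -->

<!-- 1. Weak default as shipped before 9.0.31 / 8.5.51 / 7.0.100:
        enabled, no bind address (listens on all interfaces), no shared secret.
        Any host that can reach TCP/8009 is treated as a trusted AJP peer. -->
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />

<!-- 2. Mitigation when no reverse proxy speaks AJP to this Tomcat:
        remove the Connector entirely (leave it commented out, as 9.0.31+ does by default). -->
<!--
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
-->

<!-- 3. Mitigation when a front-end proxy (e.g. httpd mod_proxy_ajp) genuinely needs AJP:
        bind to loopback only and require a shared secret that the proxy must present.
        address="127.0.0.1" is an assumption for this example; use ::1 on IPv6-only hosts.
        secretRequired="true" makes Tomcat refuse to start without a secret. -->
<Connector protocol="AJP/1.3"
           address="127.0.0.1"
           port="8009"
           redirectPort="8443"
           secretRequired="true"
           secret="REPLACE_WITH_A_LONG_RANDOM_SECRET" />
```

After editing server.xml, restart Tomcat and confirm from the host that port 8009 is either absent or bound only to the loopback address; the advisory's point is that mitigation is needed exactly when that port is reachable by untrusted users, so the listening address, not just the Tomcat version, is what to verify.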
Exploits (48)
This Metasploit module exploits CVE-2020-1938 (Ghostcat) in Apache Tomcat by crafting malicious AJP packets to read arbitrary files or execute JSP code. It leverages the AJP protocol's trust model to bypass security restrictions.
This exploit targets CVE-2020-1938 (Ghostcat), a local file inclusion (LFI) vulnerability in Apache Tomcat's AJP protocol. The PoC constructs malicious AJP packets to read arbitrary files from the server.
This repository contains a Python-based exploit for CVE-2020-1938 (Ghostcat), which leverages the AJP protocol in Apache Tomcat to achieve arbitrary file read and remote code execution. The PoC constructs malicious AJP packets to manipulate Tomcat's file inclusion and execution mechanisms.
This repository contains a Python-based exploit for CVE-2020-1938 (Ghostcat), which is a local file inclusion (LFI) vulnerability in Apache Tomcat AJP protocol. The exploit allows reading arbitrary files from the server via crafted AJP requests.
This repository contains a Python-based exploit tool for Tomcat vulnerabilities, including CVE-2017-12615 and CNVD-2020-10487, with features for weak credential brute-forcing, WAR file deployment, and remote code execution via JSP shells.
This repository contains a Java-based tool for exploiting multiple Tomcat vulnerabilities, including CVE-2017-12615 (PUT method file upload). It includes both a GUI and command-line interface for testing and exploiting vulnerabilities such as file upload, weak authentication, and AJP file read/inclusion.
This repository contains a Python-based PoC for CVE-2020-1938, which exploits a file inclusion and file read vulnerability in Apache Tomcat via the AJP protocol. The scripts demonstrate how to read and include files from the Tomcat ROOT directory by crafting malicious AJP requests.
This is a Python-based proof-of-concept exploit for CVE-2020-1938, targeting Apache Tomcat's AJP protocol. It implements the AJP protocol to perform Local File Inclusion (LFI) attacks by crafting malicious AJP requests.
This repository contains a writeup for CVE-2020-1938, an Apache Tomcat vulnerability, with instructions for exploitation and environment setup. It references an external exploit script and includes screenshots of the process.
This is a Python-based PoC for CVE-2020-1938 (Ghostcat), an AJP protocol vulnerability in Apache Tomcat. It implements AJP packet serialization/deserialization to exploit local file inclusion (LFI) via malformed requests.
This repository contains a Python-based scanner for CVE-2020-1938, which is a Ghostcat vulnerability affecting Apache Tomcat AJP protocol. The scanner is designed to detect vulnerable Tomcat instances by sending crafted AJP requests and analyzing responses.
This is a Python-based exploit for CVE-2020-1938, also known as the 'Ghostcat' vulnerability, which affects Apache Tomcat's AJP protocol. The exploit allows for local file inclusion (LFI) and potential remote code execution (RCE) by manipulating AJP request attributes.
This repository contains a Python-based PoC for CVE-2020-1938, an AJP (Apache JServ Protocol) file read and RCE vulnerability in Apache Tomcat. The script implements AJP protocol handling to exploit the vulnerability, allowing file reads and potential command execution via crafted requests.
This is a Python-based exploit for CVE-2020-1938 (Ghostcat), targeting Apache Tomcat's AJP protocol to achieve local file inclusion (LFI) and potential remote code execution (RCE). The script implements the AJP protocol to send crafted requests and read responses.
This repository contains a Go-based scanner for CVE-2020-1938 (Ghostcat), which checks if a target Apache Tomcat server is vulnerable by sending a crafted AJP request and analyzing the response. It does not include exploit code for achieving RCE but verifies vulnerability status.
This is a clean and readable Python PoC for CVE-2020-1938 (GhostCat), which exploits a file read vulnerability in Apache Tomcat via AJP protocol by manipulating servlet attributes. It allows reading arbitrary files from the webapps directory but does not achieve RCE.
This repository contains a functional Python exploit for CVE-2020-1938, an AJP (Apache JServ Protocol) file read and remote code execution vulnerability in Apache Tomcat. The exploit implements AJP protocol handling to read arbitrary files or execute commands via crafted requests.
This is a Python-based exploit for CVE-2020-1938 (Ghostcat), targeting Apache Tomcat AJP protocol. It implements AJP packet serialization/deserialization to craft malicious requests, enabling file read and potential RCE via file inclusion.
This repository contains a Python-based tool for exploiting CVE-2020-1938 (Ghostcat), which allows arbitrary file reads via the AJP protocol in Apache Tomcat. The tool includes functionality for both single-target exploitation and batch scanning of multiple hosts.
This repository contains a Python-based proof-of-concept for CVE-2020-1938 (CNVD-2020-10487), an Apache Tomcat AJP Local File Inclusion (LFI) vulnerability. The script includes functionality for bulk verification and automated screenshot capture for validation.
This is a Python-based proof-of-concept exploit for CVE-2020-1938, also known as the 'Ghostcat' vulnerability, which affects Apache Tomcat's AJP protocol. The exploit allows for local file inclusion (LFI) and potential remote code execution (RCE) by manipulating AJP request attributes.
This repository provides detection rules (Suricata and Bro) for CVE-2020-1938 (Ghostcat), a vulnerability in Apache Tomcat AJP protocol. It does not contain exploit code but includes signatures to detect exploitation attempts.
This repository contains a PoC for CVE-2020-1938, an AJP protocol vulnerability in Apache Tomcat allowing arbitrary file reads and file inclusion via crafted requests. The exploit is written in Java and requires compilation using Maven.
This PoC exploits CVE-2020-1938 (Ghostcat) in Apache Tomcat via AJP protocol to perform LFI and JSP payload execution. It crafts AJP packets to read files or execute JSP code by leveraging misconfigured file access controls.
This repository contains a Python-based scanner for CVE-2020-1938, which checks for vulnerable Apache Tomcat versions and open AJP ports. It uses Nmap to scan targets and determine if they are vulnerable based on version numbers.
This repository provides detection rules (Suricata and Bro/Zeek) for CVE-2020-1938 (Ghostcat), a vulnerability in Apache Tomcat AJP protocol. It does not contain exploit code but includes signatures to detect exploitation attempts.
This repository provides a writeup and verification steps for CVE-2020-1938 (Ghostcat), an AJP file read/inclusion vulnerability in Apache Tomcat. It includes instructions for testing Tomcat 7, 8, and 9 using a Python-based AJP request tool (AJPy) to read files like /WEB-INF/web.xml.
This repository contains a functional Python exploit for CVE-2020-1938 (Ghostcat), which exploits an AJP file read/inclusion vulnerability in Apache Tomcat. The script crafts malicious AJP requests to read arbitrary files or execute JSP code via path manipulation.
The repository contains a functional Python exploit for CVE-2020-1938 (Ghostcat), which leverages AJP protocol misconfigurations to read arbitrary files from Apache Tomcat servers. The exploit includes multiple methods for file reading via path traversal and AJP packet manipulation.
This repository contains a functional Python exploit for CVE-2020-1938 (Ghostcat), which leverages the AJP protocol to perform local file inclusion (LFI) on vulnerable Apache Tomcat servers. The exploit constructs and sends malicious AJP packets to read arbitrary files from the target system.
This repository provides a detailed technical analysis of CVE-2020-1938 (Ghostcat), including vulnerability interpretation, Nessus scan findings, and remediation steps. It also covers broader topics like packet analysis, Nmap output interpretation, and OS fingerprinting.
This repository contains a detailed technical analysis of CVE-2020-1938 (Ghostcat), including vulnerability background, attack flow using PoC, root cause analysis based on Tomcat source code, and patch comparison between versions 9.0.30 and 9.0.31.
This repository contains a functional Python exploit for CVE-2020-1938, also known as the 'Ghostcat' vulnerability, which is a file read/inclusion flaw in Apache Tomcat's AJP connector. The exploit implements the AJP protocol to craft malicious requests that can read arbitrary files from the server.
The repository contains a functional Python exploit for CVE-2020-1938 (Ghostcat), which targets Apache Tomcat's AJP protocol to achieve arbitrary file read and remote code execution. The exploit constructs malicious AJP packets to manipulate file attributes and execute commands.
This is a detailed technical walkthrough of the Basic Pentesting TryHackMe room, covering reconnaissance, enumeration, exploitation of weak credentials, and privilege escalation via insecure file permissions. It includes step-by-step commands, tool usage, and mitigation strategies.
This repository contains a Python-based exploit for CVE-2020-1938 (Ghostcat), which leverages the AJP protocol to read arbitrary files from vulnerable Apache Tomcat servers. The tool includes multi-threaded scanning, custom wordlist support, and JSP payload generation for post-exploitation.
This repository contains frontend configuration files for a GDScript formatting web application. No exploit code or vulnerability details for CVE-2020-1938 are present.
This repository provides a detailed proof-of-concept for exploiting CVE-2020-1938, an arbitrary JSP upload vulnerability in Apache Tomcat leading to remote code execution. It includes steps for generating a malicious .war file using msfvenom, setting up a Metasploit listener, and executing the payload.
This is a Python-based exploit for CVE-2020-1938, targeting Apache Tomcat's AJP protocol. The code implements the AJP protocol to craft malicious requests, potentially leading to remote code execution (RCE) or information disclosure.
This repository contains a functional exploit for CVE-2020-1938, a vulnerability in Apache Tomcat's AJP protocol. The exploit crafts malicious AJP packets to achieve remote code execution (RCE) by manipulating request attributes.
This is a Metasploit module for CVE-2020-1938 (Ghostcat), which exploits a vulnerability in Apache Tomcat's AJP protocol to read arbitrary files or execute JSP files, potentially leading to remote code execution. The module crafts malicious AJP packets to interact with the Tomcat server.
This Python script scans for Apache Tomcat server.xml files and disables AJP connectors to mitigate CVE-2020-1938 (Ghostcat). It searches for specific AJP connector configurations and comments them out.
The repository contains only a README.md file with minimal information about CVE-2020-1938 (Ghostcat) but no actual exploit code or technical details.
This is a Python-based exploit for CVE-2020-1938 (GhostCat), which leverages the AJP protocol to perform Local File Inclusion (LFI) on vulnerable Apache Tomcat servers. The PoC implements AJP packet serialization and deserialization to craft malicious requests.
This repository contains a functional Python exploit for CVE-2020-1938, a vulnerability in Apache Tomcat's AJP protocol. The exploit implements AJP packet serialization and deserialization to craft malicious requests, demonstrating the ability to manipulate server behavior.
ClassHound is a Python-based tool that automates the exploitation of arbitrary file download vulnerabilities (including CVE-2020-1938) to recursively download and decompile Java class files, extracting source code. It supports various traversal techniques, POST/GET requests, and integrates with Ghostcat for AJP file read exploitation.
This Metasploit module exploits CVE-2020-1938 (Ghostcat) to read arbitrary files from Apache Tomcat via the AJP protocol by manipulating request attributes. It does not include RCE but demonstrates file read capabilities.
Nuclei Templates (1)
title:"Apache Tomcat" || http.title:"apache tomcat"
title="apache tomcat"
References (52)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H