Axis2 Web service and Tomcat Manager

Make sure you give at least 512MB of RAM to the VM!
This exercice explains the interactions between Tomcat and Apache, then it will show you how to call and attack an Axis2 Web service. Using information retrieved from this attack, you will be able to gain access to the Tomcat Manager and deploy a WebShell to gain commands execution.


The ISO for this exercise can be downloaded by clicking here (221MB).


You can access the course for this exercise by clicking here