• Stars
    star
    163
  • Rank 231,141 (Top 5 %)
  • Language
    Go
  • License
    MIT License
  • Created about 4 years ago
  • Updated about 4 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Exploit for WebSocket Vulnerability in Apache Tomcat

Exploit for WebSocket Vulnerability in Apache Tomcat (CVE-2020-13935)

In the corresponding blog post the analysis and exploitation of the vulnerability is explained in detail.

Usage

Clone the repository, then build the tcdos binary. Run the program as follows to test whether a particular WebSocket endpoint is vulnerable:

$ git clone https://github.com/RedTeamPentesting/CVE-2020-13935
$ cd CVE-2020-13935
$ go build
$ ./tcdos [WebSocket endpoint]