Cheat Sheets

Security - Tomcat Admin

Description

Check for insane tomcat admin default password 'admin' as there as just to many places online suggesting this.

Check Script: security-tomcat-admin-password.sh

#!/bin/bash

if rgrep -q "password=.admin." /etc/tomcat*/tomcat-users.xml /var/lib/tomcat*/conf/tomcat-users.xml 2>/dev/null; then result_failed "Evil tomcat password detected!" else result_ok fi
Comment on Disqus