From 1ec45b13569365ddfca14c601fa4b1d6aa55f7e4 Mon Sep 17 00:00:00 2001
From: h00die <michaeltcyr@gmail.com>
Date: Mon, 16 Jan 2017 13:30:41 -0500
Subject: [PATCH] markdown docs

---
 .../admin/http/tomcat_administration.md       | 47 +++++++++++++++++++
 1 file changed, 47 insertions(+)
 create mode 100644 documentation/modules/auxiliary/admin/http/tomcat_administration.md

diff --git a/documentation/modules/auxiliary/admin/http/tomcat_administration.md b/documentation/modules/auxiliary/admin/http/tomcat_administration.md
new file mode 100644
index 0000000000..c33638e272
--- /dev/null
+++ b/documentation/modules/auxiliary/admin/http/tomcat_administration.md
@@ -0,0 +1,47 @@
+## Vulnerable Application
+
+  The administrator application was removed as of Tomcat 6.  Tomcat 5.5.36 is available from [apache](https://archive.apache.org/dist/tomcat/tomcat-5/v5.5.36/).  This does not have the `admin` app bundled though, and can be downloaded [here](https://archive.apache.org/dist/tomcat/tomcat-5/v5.5.36/bin/apache-tomcat-5.5.36-admin.zip).
+  
+  To utilize the `admin` application, a user must have the permission `admin` applied to their account.  The following user line will handle all necessary permissions: `<user username="tomcat" password="tomcat" roles="admin">`.
+
+## Verification Steps
+
+  1. Install Tomcat 5.5 or older
+  2. Install the admin app
+  3. Start msfconsole
+  4. Do: ```use auxiliary/admin/http/tomcat_administration```
+  5. Do: ```set rhosts <ips>```
+  6. Do: ```set tomcat_user <username>```
+  7. Do: ```set tomcat_pass <username>```
+  8. Do: ```set rport <port>```
+  9. Do: ```run```
+  10. Find all the Tomcat admin portals
+
+## Options
+
+  **rport**
+
+  The default is set to `8180`, which is only default on FreeBSD.  All other operating systems, and the software itself, default to 8080.
+
+## Scenarios
+
+  Example run against Tomcat 5.5.36 with admin module installed against Windows XP
+
+  ```
+  msf > use auxiliary/admin/http/tomcat_administration 
+  msf auxiliary(tomcat_administration) > set rport 8085
+  rport => 8085
+  msf auxiliary(tomcat_administration) > set rhosts 192.168.2.108
+  rhosts => 192.168.2.108
+  msf auxiliary(tomcat_administration) > set verbose true
+  verbose => true
+  msf auxiliary(tomcat_administration) > set tomcat_pass tomcat
+  tomcat_pass => tomcat
+  msf auxiliary(tomcat_administration) > set tomcat_user tomcat
+  tomcat_user => tomcat
+  msf auxiliary(tomcat_administration) > run
+  
+  [*] http://192.168.2.108:8085/admin [Apache-Coyote/1.1] [Apache Tomcat/5.5.36] [Tomcat Server Administration] [tomcat/tomcat]
+  [*] Scanned 1 of 1 hosts (100% complete)
+  [*] Auxiliary module execution completed
+  ```