CVE-2020-1938 Apache Tomcat: Emulation and Detection
In this lab, you’ll practice vulnerability management by researching, assessing, testing, and mitigating an emerging threat. When you’re finished, you’ll have a system that will be protected against CVE-2020-1938 and you’ll be able to interrogate logs for previous compromises.
Terms and conditions apply.
Challenge
Getting Started in the Lab Environment
Here are the initial instructions and explanation of the lab environment. Read this while your environment is busy creating itself from nothing. Yes, this violates physics; we know. How fun!
Challenge
Emulate
You'll use Nmap to check if you’re running an affected version of Apache Tomcat and if the default Apache JServ Protocol port is exposed. Then you'll examine and run the Python test script included in the lab to determine if your system is exploitable by trying to access the web.xml file.
Challenge
Detect
You'll now work to identify if you have previously been compromised by interrogating web server logs.
Challenge
Protect
Patching the Tomcat server isn't always an option so you'll now explore some other ways to mitigate the vulnerability.
Challenge
The Last Challenge
Welcome to the final challenge! This is your last chance to experiment in the environment. Clicking Finish Lab will end this little world that flittered into existence just for you.
Provided environment for hands-on practice
We will provide the credentials and environment necessary for you to practice right within your browser.
Guided walkthrough
Follow along with the author’s guided walkthrough and build something new in your provided environment!
Did you know?
On average, you retain 75% more of your learning if you get time for practice.
Recommended prerequisites
- You will hopefully be comfortable at the Linux command line and with running typical administrative commands.
- Ideally you will have some scripting knowledge, preferably Python, but it’s not essential.