Examples of Web Applications

When a computer that is acting as a web server is researched, regardless of the port, we are likely to find web applications that have been adapted to that company's needs, but are based on existing (usually open source) projects. Some of these have known vulnerabilities, which may be found in www.exploit-db.com or in www.packetstormsecurity.com. It is common that when we are faced for the first time with one such webapp, we are not sure what it is used for, and knowing this would facilitate the process of choosing the most appropriate attack vector. This page aims at containting a brief description of webapps or services found in real machines, as well as links to known vulnerabilities or online tutorials on how to abuse them.

una especie de servidor php, pero que ejecuta programas java (servlets). en la carpeta /etc/tomcat7, el archivo tomcat-users.xml tiene las contraseñas y users para el tomcat manager. por defecto algunas vienen dentro de un comentario, por lo que no aplican
 * Apache Tomcat:

SQUID

HTTP servers

Oracle HTTP server

Microsoft IIS

Nginx

Apache httpd

Content Management Systems (CMS)

Dragonfly CMS

-

Security systems
 * pi-hole: An add-blocker for raspberry pi. With docker it can now be used in any platform. Appears in mirai (HTB), and the default credentials grant login (user: pi, pass: raspberry)

Applications to build websites: