• Name: Pentester Lab: CVE-2007-1860: mod_jk double-decoding
• Date release: 17 Apr 2014
• Author: Pentester Lab
• Series: Pentester Lab
• Web page: http://www.pentesterlab.com/exercises/cve-2007-1860/

• cve-2007-1860_i386.iso (Size: 191 MB)
• Download: https://ptl.io/cve-2007-1860_i386.iso
• Download (Mirror): https://download.vulnhub.com/pentesterlab/cve-2007-1860_i386.iso

• _cve-2007-1860.iso (Size: 187 MB)
• Download (Mirror): https://download.vulnhub.com/pentesterlab/cve-2007-1860.iso

Difficulty

Beginner

Details

This exercise covers the exploitation of CVE-2008-1760. This vulnerability allows an attacker to gain access to unaccessible pages using crafted requests. This is a common trick that a lot of testers miss.

What you will learn?

• Tomcat
• Java WebShell
• Exploitation of CVE-2008-1760

• Filename: cve-2007-1860_i386.iso
• File size: 191 MB
• MD5: 0A06A7C4521B4B5C842E90F2DE9E4F3C
• SHA1: F059274CC6E03C7C5CFDDB1E181C1F15EBAF32CF
• Filename: _cve-2007-1860.iso
• File size: 187 MB
• MD5: 4C03139ABBBEF639E3DD280E2B1E11CD
• SHA1: 9B4333EA67787996FF31364BE2D089AA009739D1

Checksum

×

To make sure that the files haven't been altered in any manner, you can check the checksum of the file.
This makes sure that the you have acquired the same file which was transferred to you, without being modified/changed/damaged.

Some authors publish the checksums in the README files, on their homepages or sometimes inside compressed archive (if it has been compressed).
VulnHub also lists the MD5 & SHA1 checksums for every file which it offers to download, allowing you to check. You can find all the checksums here, otherwise, they will be individually displayed on their entry page. To check the checksum, you can do it here.

You can find out how to check the file's checksum here.

• Format: Disk Image (.ISO)
• Operating System: Linux

• DHCP service: Enabled
• IP address: Automatically assign

• 17 Apr 2014 - CVE-2007-1860: mod_jk double-decoding (Pentester Lab)