Tomcat access to app without app folder name
Posted on 2014-09-24
I wonder if is there a known method to access to tomcat app located into webapps folder without knowing it's adress? ( I mean leak or known method)
I mean if I put:
Where XXX will be long 50 characets link.
Is that possible to run tomcat app without knowing it's name? (Only knowing example.com:8080)
If app will work as very long complicated name IMHO it's not possible. (Until someone has time to brute force and guess valid URL with app response)
I know it's security by obscurity and not real security anyway I need to know possible leaks of such solution.