This project is for personal practice purposes only.
This project demonstrates how to exploit the Apache Log4j vulnerability to gain access to a remote shell using a reverse shell command.
To get started with this project, follow the steps below:
- Virtual Box
- Docker
- JAVA SE Development kit 8u20
- clone this project from kozmer git clone https://github.com/kozmer/log4j-shell-poc
- Build the Docker image: sudo docker build -t log4j-shell-poc
- Download and extract the Java SE Development kit 8u20 file: sudo tar -xf jdk-8u20-linux-x64.tar.gz
- Open a listener port on port 9001
- Run the Python3 script that is downloaded from Github. The script will auto-setup the HTTP server and the LDAP server and create the payload that will be used to paste into the vulnerable parameter. The LDAP server contains the address link to our listener.
- Run the Docker container with the vulnerable web app.
- Open the web page that was set up previously and enter the malicious code into the user parameter.
At this stage, you will be able to connect to the web page shell. From here, you can browse and delete files. The creator has included a file called safeToDelete.tmp for you to test with. If this file contained sensitive information, a hacker could retrieve the data for malicious purposes or delete the file just for fun.
- Kozmer https://github.com/kozmer