Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/rajasoun/log4j-zero-day-exploit

Log4j Zero-Day Exploit
https://github.com/rajasoun/log4j-zero-day-exploit

jndi-exploit logj-rce poc

Last synced: 21 days ago
JSON representation

Log4j Zero-Day Exploit

Awesome Lists containing this project

README

        

## Log4J Zero Day Exploit - POC

Vulnerable Log4J App, Malicious LDAP server for JNDI injection attacks and Exploitation Snippet

### Run

1. Open Terminal and Start the Vulnerable Java App, Malicious JNDI Server
```
./assist.sh poc

```

2. Open Another Terminal and Run Exploit Script
```
./assist.sh exploit
```

3. To View the Expolit in POC Container

```
./assist.sh view
```

4. Open Terminal and Run `nc -lvn 4444`

5. Open Terminal and Run `./assist.sh exploit`

6. To shell in POC Container

```
./assist.sh shell
```

> Edit `jndi-exploit/src/main/java/com/rajasoun/jndi/ExportObject.java` for Malicious Code Injection