Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/rajasoun/log4j-zero-day-exploit
Log4j Zero-Day Exploit
https://github.com/rajasoun/log4j-zero-day-exploit
jndi-exploit logj-rce poc
Last synced: 21 days ago
JSON representation
Log4j Zero-Day Exploit
- Host: GitHub
- URL: https://github.com/rajasoun/log4j-zero-day-exploit
- Owner: rajasoun
- Created: 2021-12-13T20:44:55.000Z (almost 3 years ago)
- Default Branch: main
- Last Pushed: 2022-01-10T14:27:35.000Z (almost 3 years ago)
- Last Synced: 2024-08-05T17:35:59.408Z (4 months ago)
- Topics: jndi-exploit, logj-rce, poc
- Language: Java
- Homepage:
- Size: 38.1 KB
- Stars: 4
- Watchers: 2
- Forks: 1
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-hacking-lists - rajasoun/log4j-zero-day-exploit - Log4j Zero-Day Exploit (Java)
README
## Log4J Zero Day Exploit - POC
Vulnerable Log4J App, Malicious LDAP server for JNDI injection attacks and Exploitation Snippet
### Run
1. Open Terminal and Start the Vulnerable Java App, Malicious JNDI Server
```
./assist.sh poc```
2. Open Another Terminal and Run Exploit Script
```
./assist.sh exploit
```3. To View the Expolit in POC Container
```
./assist.sh view
```4. Open Terminal and Run `nc -lvn 4444`
5. Open Terminal and Run `./assist.sh exploit`
6. To shell in POC Container
```
./assist.sh shell
```> Edit `jndi-exploit/src/main/java/com/rajasoun/jndi/ExportObject.java` for Malicious Code Injection