log4j CVE-2021-44228
Lame useless repo to look into log4j CVE-2021-44228.
Setup
The repository contains a .idea/ folder which is a IntelliJ IDEA project file. The IDE can be used to easily run and debug the log4j functionality.
Small example repo for looking into log4j CVE-2021-44228
Overview
You might also like...
Apache Log4j2 CVE-2021-44228 RCE Demo with RMI and LDAP
CVE-2021-44228-Demo 利用 CVE-2021-44228,通过 RMI 和 LDAP 两种方式远程注入代码的示例。 Exploit class from RMI Server loaded Hello, ${jndi:rmi://127.0.0.1:1099/exploit} Ex
Dec 14, 2021
log4j2 Log4Shell CVE-2021-44228 proof of concept
Log4Shell CVE-2021-44228 proof of concept Requirement Java (JDK/JRE) 8 or later version curl exploitable Simple spring boot application that serves a
Dec 21, 2021
An evil RMI server that can launch an arbitrary command. May be useful for CVE-2021-44228
evil-rmi-server An evil RMI server that can launch an arbitrary command. May be useful for CVE-2021-44228 in a local privesc scenario Build ./gradlew
Nov 9, 2022
Test case to check if the Log4Shell/CVE-2021-44228 hotfix will raise any unexpected exceptions
Log4Shell Hotfix Side Effect Test Case I wanted to know if any ClassNotFoundException or similar unexpected exception is raised when one applies the C
Nov 9, 2022
A short demo of CVE-2021-44228
sample-ldap-exploit A short demo of CVE-2021-44228 Build $ mvn clean verify Run Attacker $ java \ -cp 'attacker/target/sample-attacker.jar:attacker
Oct 19, 2022
Spring Boot web application vulnerable to CVE-2021-44228, nicknamed Log4Shell.
Log4Shell sample vulnerable application (CVE-2021-44228) This repository contains a Spring Boot web application vulnerable to CVE-2021-44228, nickname
Jan 5, 2023
Vulnerability CVE-2021-44228 checker
CVE-2021-44228 checker This is the repository for checking for vulnerability CVE-2021-44228. This is a PoC that only displays strings without any exte
Nov 9, 2022
log4j-scanner is a project derived from other members of the open-source community by CISA's Rapid Action Force team to help organizations identify potentially vulnerable web services affected by the log4j vulnerabilities.
Log4j Scanner This repository provides a scanning solution for the log4j Remote Code Execution vulnerabilities (CVE-2021-44228 & CVE-2021-45046). The
Dec 22, 2022
Oxygen-log4j-patcher - A tool that upgrades the log4j from an Oxygen installation to version 2.16
Oxygen XML Patch Tool for Apache Log4j vulnerability CVE-2021-44228, CVE-2021-45046 and CVE-2021-45105 This is a tool that updates the log4j version 2
Jan 10, 2022
A singular file to protect as many Minecraft servers and clients as possible from the Log4j exploit (CVE-2021-44228).
MC-Log4J-Patcher The goal of this project is to provide Minecraft players, and server owners, peace of mind in regards to the recently discovered Log4
4 Jan 4, 2022
Log4J CVE-2021-44228 Minecraft PoC
CVE-2021-44228 in Minecraft Java 16 Paper server build #397 Minecraft 1.17.1 Exploitation In Java 16 only deserialization attacks work by default usin
5 Feb 15, 2022
Log4j CVE-2021-44228 examples: Remote Code Execution (through LDAP, RMI, ...), Forced DNS queries, ...
Log4j CVE-2021-44228 and CVE-2021-45046 Requisites Use a vulnerable JDK, for instance JDK 1.8.0_181 Usage Malicious server The malicious server deploy
5 Feb 7, 2022
CVE-2021-44228 - Apache log4j RCE quick test
Build ./build.sh Start log4j RCE Server ./start-log4j-rce-server.sh Test Run java -cp log4j-rce-1.0-SNAPSHOT-all.jar log4j Check if you get logs in ha
3 Feb 1, 2022
Some tools to help mitigating Apache Log4j 2 CVE-2021-44228
JndiLookup Some tool to help analyzing Apache Log4j 2 CVE-2021-44228 This tool uses the "lookup" feature from log4j-2 to test against the JNDI vulnera
3 Dec 18, 2021
This project will help to test the Log4j CVE-2021-44228 vulnerability.
Log4j-JNDIServer This project will help to test the Log4j CVE-2021-44228/CVE-2021-45046 vulnerabilities. Installation and Building Load the project on
9 Jun 30, 2022
Spring Boot Log4j - CVE-2021-44228 Docker Lab
Spring Boot Log4j - CVE-2021-44228 The Log4Shell vulnerability (CVE-2021-44228) ultimately is a quite simple JNDI Injection flaw, but in a really real
19 Jun 10, 2022
Deploys an agent to fix CVE-2021-44228 (Log4j RCE vulnerability) in a running JVM process
-- This repository has been archived -- Further development of this tool will continue at corretto/hotpatch-for-apache-log4j2. Thanks for sharing, com
108 Dec 23, 2021
Log4j-RCE (CVE-2021-44228) Proof of Concept with additional information
Log4J-RCE-Proof-Of-Concept (CVE-2021-44228) This is a proof of concept of the log4j rce. Here are some links for the CVE-2021-44228: https://www.lunas
181 Dec 2, 2022
An agent to hotpatch the log4j RCE from CVE-2021-44228.
Log4jHotPatch This is a tool which injects a Java agent into a running JVM process. The agent will attempt to patch the lookup() method of all loaded
493 Dec 13, 2022