Skip to content

Latest commit

 

History

History
203 lines (171 loc) · 14.9 KB

README.md

File metadata and controls

203 lines (171 loc) · 14.9 KB

Table of Contents

TL;DR

Term  Description
Log4j The vulnerable Java Library
JndiLookup The vulnerable part of Log4j
Log4Shell The exploit developped to attack this vulnerability

Source: CVE-2021-44228 Log4j (and Log4Shell) Executive Explainer by cje@bugcrowd (modified to add the second CVE)

CVE Vulnerability type Affected Log4j versions Exploitable in default config
CVE-2021-44228 RCE 2.0 through 2.14.1 Yes
CVE-2021-45046 Denial of Service (DoS) and RCE 2.0 through 2.15.0 No
CVE-2021-4104 RCE 1.2* No
CVE-2021-45105 Denial of Service (DoS) 2.0-beta9 to 2.16.0 No
CVE-2021-44832 RCE 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) No
  • CVE-2021-4104 will not be patched, as the Log4j 1.x branch has reached end-of-life

Source: Tenable blog

Log4Shell-timeline

Source: cutekernel.github.io

log4j_attack

Source: govcert.ch

log4shell png

Source: musana.net

LOG4j-flyer Source: Security Zines

Articles & Technical analysis

Advisories

Tutorials

Videos

Intentionally vulnerable apps

Tools & Exploits

DNS loggers

Methodology

v2-detectLog4shell Source: v2-detectLog4shell mindmap by @Dick_Reverse

AmIVulnerable-Log4shell-v6 1 Source: AmIVulnerable-Log4shell-v6.1 mindmap by @Dick_Reverse

Tips

WAF bypass

Bypass examples

Awesome lists

Remediation

Shield-Log4shell-v1 Source: Shield-Log4shell-v1 mindmap by @Dick_Reverse

Some vulnerable apps/vendors

Memes

TODO

Add headers, payloads, data that can be exfiltrated, entry point examples & tools to receive OOB DNS requests.