- Test driving the Log4Shell log4j vulnerability with various versions of Java and observing the network egress connections (tl;dr Java 8u191 onwards is less bad) https://chasersystems.com/discrimiNAT/blog/log4shell-and-its-traces-in-a-network-egress-filter/ 12 comments netsec
Linking pages
Linked pages
- Log4Shell: RCE 0-day exploit found in log4j, a popular Java logging package | LunaTrace https://www.lunasec.io/docs/blog/log4j-zero-day/ 1949 comments
- Tech Solvency: The Story So Far: CVE-2021-44228 (Log4Shell log4j vulnerability). https://www.techsolvency.com/story-so-far/cve-2021-44228-log4j-log4shell/ 302 comments
- Exploiting JNDI Injections in Java | Veracode blog https://www.veracode.com/blog/research/exploiting-jndi-injections-java 19 comments
- GitHub - pimps/JNDI-Exploit-Kit: JNDI-Exploitation-Kit(A modified version of the great JNDI-Injection-Exploit created by @welk1n. This tool can be used to start an HTTP Server, RMI Server and LDAP Server to exploit java web apps vulnerable to JNDI Injection) https://github.com/pimps/JNDI-Exploit-Kit 4 comments
- BlueTeam CheatSheet * Log4Shell* | Last updated: 2021-12-20 2238 UTC · GitHub https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592 0 comments
- GitHub - christophetd/log4shell-vulnerable-app: Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228). https://github.com/christophetd/log4shell-vulnerable-app 0 comments
- Digging deeper into Log4Shell - 0Day RCE exploit found in Log4j | Fastly https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j 0 comments
Related searches:
Search whole site: site:chasersystems.com
Search title: Log4Shell and its traces in a network egress filter | Chaser Systems
See how to search.