Log4J - CVE 2021-44228 (Log4Shell) - Exploitation & Mitigation
In this video, I demonstrate the process of exploiting the Log4J vulnerability, also known as Log4Shell as well as explore the process of mitigating the vulnerability on Apache Solr. //WHAT IS LOG4J? Apache Log4j is one of the most widely utilized, open-source Java-based logging utilities. It is used by various Apache solutions like Apache Tomcat, Apache Solr, and Apache Druid to name a few. //WHAT IS LOG4SHELL? On November 30th, 2021, the Apache log4j development team was made aware of a vulnerability in Log4j that could allow the injection of malicious input that could consequently facilitate remote code execution. On December 9th, 2021, the Infosec community was made aware of this finding and the far-reaching impacts of the vulnerability. The vulnerability could potentially allow attackers to take control of any system running Log4j by logging a certain string. The vulnerability, now assigned as CVE-2021–44228 has a severity score of 10 (CRITICAL) and has been dubbed “Log4Shell”. //LINKS THM Room: https://bit.ly/3p9Fzn4 Log4j Attack Surface: https://ift.tt/3pN744P //PLATFORMS BLOG ►► https://bit.ly/3qjvSjK FORUM ►► https://bit.ly/39r2kcY ACADEMY ►► https://bit.ly/39CuORr //SOCIAL NETWORKS TWITTER ►► https://bit.ly/3sNKXfq DISCORD ►► https://bit.ly/3hkIDsK INSTAGRAM ►► https://bit.ly/3sP1Syh LINKEDIN ►► https://bit.ly/360qwlN PATREON ►► https://bit.ly/365iDLK MERCHANDISE ►► https://bit.ly/3c2jDEn //BOOKS Privilege Escalation Techniques ►► https://amzn.to/3ylCl33 Docker Security Essentials (FREE) ►► https://bit.ly/3pDcFuA //SUPPORT THE CHANNEL NordVPN Affiliate Link (73% Off) ►► https://bit.ly/3DEPbu5 Get $100 In Free Linode Credit ►► https://bit.ly/3yagvix //CYBERTALK PODCAST Spotify ►► https://spoti.fi/3lP65jv Apple Podcasts ►► https://apple.co/3GsIPQo //WE VALUE YOUR FEEDBACK We hope you enjoyed the video and found value in the content. We value your feedback, If you have any questions or suggestions feel free to post them in the comments section or contact us directly via our social platforms. //THANK YOU! Thanks for watching! Благодарю за просмотр! Kiitos katsomisesta Danke fürs Zuschauen! 感谢您观看 Merci d'avoir regardé Obrigado por assistir دیکھنے کے لیے شکریہ देखने के लिए धन्यवाद Grazie per la visione Gracias por ver شكرا للمشاهدة ----------------------------------------------------------------------------------- #Log4J#Log4Shell#CVE-2021-44228
In this video, I demonstrate the process of exploiting the Log4J vulnerability, also known as Log4Shell as well as explore the process of mitigating the vulnerability on Apache Solr. //WHAT IS LOG4J? Apache Log4j is one of the most widely utilized, open-source Java-based logging utilities. It is used by various Apache solutions like Apache Tomcat, Apache Solr, and Apache Druid to name a few. //WHAT IS LOG4SHELL? On November 30th, 2021, the Apache log4j development team was made aware of a vulnerability in Log4j that could allow the injection of malicious input that could consequently facilitate remote code execution. On December 9th, 2021, the Infosec community was made aware of this finding and the far-reaching impacts of the vulnerability. The vulnerability could potentially allow attackers to take control of any system running Log4j by logging a certain string. The vulnerability, now assigned as CVE-2021–44228 has a severity score of 10 (CRITICAL) and has been dubbed “Log4Shell”. //LINKS THM Room: https://bit.ly/3p9Fzn4 Log4j Attack Surface: https://ift.tt/3pN744P //PLATFORMS BLOG ►► https://bit.ly/3qjvSjK FORUM ►► https://bit.ly/39r2kcY ACADEMY ►► https://bit.ly/39CuORr //SOCIAL NETWORKS TWITTER ►► https://bit.ly/3sNKXfq DISCORD ►► https://bit.ly/3hkIDsK INSTAGRAM ►► https://bit.ly/3sP1Syh LINKEDIN ►► https://bit.ly/360qwlN PATREON ►► https://bit.ly/365iDLK MERCHANDISE ►► https://bit.ly/3c2jDEn //BOOKS Privilege Escalation Techniques ►► https://amzn.to/3ylCl33 Docker Security Essentials (FREE) ►► https://bit.ly/3pDcFuA //SUPPORT THE CHANNEL NordVPN Affiliate Link (73% Off) ►► https://bit.ly/3DEPbu5 Get $100 In Free Linode Credit ►► https://bit.ly/3yagvix //CYBERTALK PODCAST Spotify ►► https://spoti.fi/3lP65jv Apple Podcasts ►► https://apple.co/3GsIPQo //WE VALUE YOUR FEEDBACK We hope you enjoyed the video and found value in the content. We value your feedback, If you have any questions or suggestions feel free to post them in the comments section or contact us directly via our social platforms. //THANK YOU! Thanks for watching! Благодарю за просмотр! Kiitos katsomisesta Danke fürs Zuschauen! 感谢您观看 Merci d'avoir regardé Obrigado por assistir دیکھنے کے لیے شکریہ देखने के लिए धन्यवाद Grazie per la visione Gracias por ver شكرا للمشاهدة ----------------------------------------------------------------------------------- #Log4J#Log4Shell#CVE-2021-44228
Comments
Post a Comment