CVE-2021-44228 PoC — Apache Log4j 代码问题漏洞

Source

https://github.com/AlexandreHeroux/Fix-CVE-2021-44228

Associated Vulnerability

Title:Apache Log4j 代码问题漏洞 (CVE-2021-44228)
Description:Apache Log4j是美国阿帕奇（Apache）基金会的一款基于Java的开源日志记录工具。 Apache Log4J 存在代码问题漏洞，攻击者可设计一个数据请求发送给使用 Apache Log4j工具的服务器，当该请求被打印成日志时就会触发远程代码执行。

Description

Apply class remove process from ear/war/jar/zip archive, see https://logging.apache.org/log4j/2.x/

File Snapshot


 [4.0K]  /data/pocs/9d5296e044fb2588e6a3e938263fc2546069dc16
├── [4.0K]  dist
│   ├── [ 11K]  fix-CVE-2021-44228-1.0.0.jar
│   └── [7.8K]  fix-CVE-2021-44228-1.0.1.jar
├── [ 923]  pom.xml
├── [ 580]  Readme.md
└── [4.0K]  src
    └── [4.0K]  main
        └── [4.0K]  java
            ├── [4.0K]  com
            │   └── [4.0K]  infinisolution
            │       └── [4.0K]  fix
            │           ├── [6.6K]  BaseFix.java
            │           └── [4.0K]  cve202144228
            │               └── [1.0K]  FixCVE202144228.java
            └── [4.0K]  META-INF
                └── [  39]  MANIFEST.MF

9 directories, 7 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!