RCE 0-day exploit found in log4j, a popular Java logging packa | PT SWARM
RCE 0-dayexploit found in log4j, a popular Java logging package
by Free Wortley, Chris Thompson
0-day exploit in the popular Java logging library log4j was discovered that results in Remote Code Execution (RCE) by logging a certain string. This post provides resources to understand the vulnerability and how to mitigate it.
Contents: • Who is impacted? • Affected Apache log4j Versions • Temporary Mitigations • How the exploit works • Exploit Requirements • Example Vulnerable Code • Exploit Steps • How you can prevent future attacks
Positive Technologies Offensive Team: twitter.com/ptswarm. This is the channel where we share articles/vulnerabilities/scripts/etc, not necessarily authored by us, that we find interesting...