Intro
This lab covers the exploitation of a vulnerability in Log4j.
Apache Solr 8.11.0 is running on the target machine which this version of the software is prone to vulnerable log4j package (CVE-2021-44228). The application itself runs on Java 1.8.0_181.
Enum
We can see clear indicators of log4j used for logging activity when we browse Solr Admin Dashboard:
