The exploitation of a vulnerability named Log4Shell (CVE-2021-44228)

Intro

This lab covers the exploitation of a vulnerability in Log4j.

Apache Solr 8.11.0 is running on the target machine which this version of the software is prone to vulnerable log4j package (CVE-2021-44228). The application itself runs on Java 1.8.0_181.

Enum

We can see clear indicators of log4j used for logging activity when we browse Solr Admin Dashboard:

Continue reading “The exploitation of a vulnerability named Log4Shell (CVE-2021-44228)”