Create an account

Very important

  • To access the important data of the forums, you must be active in each forum and especially in the leaks and database leaks section, send data and after sending the data and activity, data and important content will be opened and visible for you.
  • You will only see chat messages from people who are at or below your level.
  • More than 500,000 database leaks and millions of account leaks are waiting for you, so access and view with more activity.
  • Many important data are inactive and inaccessible for you, so open them with activity. (This will be done automatically)

0Day Forums Hacking & Exploits Website Hacking Log4Shell: Huge log4j vulnerability

Thread Rating:
  • 814 Vote(s) - 3.51 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Options
Log4Shell: Huge log4j vulnerability

Offline monde366


Member
*
Member
Posts: 0
Threads: 0
Joined: Jun 2020
Reputation: 0
Level: inf [Level]
Total Points: inf
Rank nan / 1
100% to upload Level
Rank
Activity inf / 1
99% to upload your Rank
Activity
Experience nan
100% to upload Experience
Experience

Points: 50
#1
12-16-2021, 03:19 PM
I guess you guys have heard of that log4j huge security issue

[To see links please register here]

(also called Log4Shell)
I know Minecraft servers are concerned, do you know some other popular (self hosted) services that might be targeted?
Also I'd be curious to see an exploit example
Reply

Offline sheereefwxgshbvuq


Luxury
*****
Luxury
Posts: 0
Threads: 0
Joined: Mar 2022
Reputation: 0
Level: inf [Level]
Total Points: inf
Rank nan / 1
100% to upload Level
Rank
Activity inf / 1
99% to upload your Rank
Activity
Experience nan
100% to upload Experience
Experience

Points: 50
#2
12-17-2021, 01:55 PM
Ok I got part of my answer, here is an impressive list of related softwares (some are obviously missing):

[To see links please register here]

I noticed some versions of Elasticsearch, Logstash and SOLR are vulnarable, that could be a big deal

And here is an exploit example:

[To see links please register here]


EDIT : And here are some nice PoC, included Ghidra and Minecraft:

[To see links please register here]


(sorry about that monologue haha)
Reply

« Next Oldest
Next Newest »


Forum Jump:


Users browsing this thread:
3 Guest(s)

©0Day  2016 - 2023 | All Rights Reserved.  Made with    for the community. Connected through