Can we find Log4Shell with Java Fuzzing?
2021-12-14 00:49:18 Author: fuzzinglabs.com(查看原文) 阅读量:43 收藏

In this video, I’m trying to find the famous java Log4Shell RCE (CVE-2021-44228) using fuzzing. I’m targeting apache log4j2 version 2.14.1 and I’m using Jazzer, the Java fuzzer developed by Code Intelligence. I will show and give you everything to reproduce the same at home 😉 Don’t forget to patch the log4j security vulnerability by switching to log4j2 version 2.15.0

Enter your email and we'll send you a bundle of awesome resources. 100% free - 100% awesome.

Any questions about our services and trainings ?

Get in touch today with any questions that you might have.


文章来源: https://fuzzinglabs.com/log4shell-java-fuzzing-log4j-rce/
如有侵权请联系:admin#unsafe.sh