Log4j RCE II
This exercise is one of our challenges to help you learn Java Serialisation exploitation.
In this lab, we cover the exploitation of a Log4j vulnerability by using a gadget from ysoserial. The application logs the user agent for security reasons, which is where the vulnerability lies. By using the ysoserial tool, specifically the JRMPListener exploit, we can gain remote code execution.
The lab guides you through downloading the necessary tools, setting up a Docker environment, and executing the attack. By using different payloads available in ysoserial, such as CommonsCollections1 and CommonsCollections6, the lab illustrates how to find a working payload to exploit the vulnerability. This hands-on exercise provides a practical understanding of how to exploit serialization vulnerabilities in Java applications.