Helpers, examples, and exploits for CVE-2021-44228. Associated blog post: https://blog.uint0.dev/cve-2021-44228/
cd echochamber
Logs input via log4j.
Build: ./gradlew build
Run: ./gradlew run --console=plain
cd ldap-listener
LDAP server that logs requests to allow for exfiltration.
Build: pip install -r requirements.txt
Run: python3 listener.py <port>
cd spring-hibernate-ex
A sample app using Spring and Hibernate that's vulnerable to RMI deserialization.
Build: ./gradlew build
Run: ./gradlew bootRun
cd class-inclusion-ex
A sample app with com.sun.jndi.ldap.object.trustURLCodebase=true that's vulnerable to class inclusion.
Build: ./gradlew build
Run: ./gradlew run --console=plain
cd exploit-class-inclusion
Simple instructions on how to exploit class inclusion.
cd exploit-rmi-deserialization
Simple instructions on how to exploit RMI deserialization for the spring-hibernate-ex example.
Everything was tested with Java 11 (sdk use java 11.0.11.j9-adpt).