Exploiting Log4Shell: How Log4J Applications Were Hacked
Summary
Log4Shell is an eight-year-old Remote Code Execution vulnerability in the Apache Log4j Java logging package, disclosed in 2021.
The vulnerability arises when the logging package processes a malicious string containing a Java Naming and Directory Interface (JNDI) lookup.
The lookup causes the package to connect to a remote server and execute code.
It affects versions 2.0-beta9 to 2.14.1 of Log4j and can affect hundreds of millions of devices.
Attack vectors include inserting the exploit into user-controlled input fields, such as web forms.
An attacker can then execute code on a server and take control of vulnerable applications.
The consequences for businesses and networks can be huge, including theft of sensitive data, encryption of files for ransom, or even taking the entire network offline.
The impact can also be devastating for civilians who use vulnerable applications, such as Pokémon GO and Steam users.
This article describes how the Log4Shell hack works and demonstrates how to recreate the exploit.
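For defenders, the affected range given in the summary (2.0-beta9 to 2.14.1) can be checked against an inventory of jar files. The following is an added example, not code from the original article; the jar paths are constructed samples, and matching on the `log4j-core-<version>.jar` filename is an assumption about how the library is deployed.

```python
import re

# Affected range as stated in the summary: 2.0-beta9 through 2.14.1, inclusive.
AFFECTED_MIN, AFFECTED_MAX = "2.0-beta9", "2.14.1"

# Pre-release qualifiers sort before the final release with the same number.
_QUALIFIER_RANK = {"alpha": 0, "beta": 1, "rc": 2, "": 3}
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(?:-(alpha|beta|rc)(\d+))?$", re.I)
_JAR_RE = re.compile(r"log4j-core-(.+?)\.jar$", re.I)  # assumed naming convention

def version_key(version):
    """Turn '2.0-beta9' or '2.14.1' into a tuple that sorts in release order."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised Log4j version: {version!r}")
    major, minor, patch, qual, qual_n = m.groups()
    return (int(major), int(minor), int(patch or 0),
            _QUALIFIER_RANK[(qual or "").lower()], int(qual_n or 0))

def in_affected_range(version):
    """True if the version lies inside the range the summary gives."""
    return version_key(AFFECTED_MIN) <= version_key(version) <= version_key(AFFECTED_MAX)

def audit_jars(paths):
    """Return {path: status} for every log4j-core jar in a list of file paths."""
    report = {}
    for path in paths:
        m = _JAR_RE.search(path)
        if not m:
            continue  # not a log4j-core jar
        try:
            report[path] = "affected" if in_affected_range(m.group(1)) else "outside range"
        except ValueError:
            report[path] = "unknown version, inspect manually"
    return report

# Constructed sample inventory, e.g. the output of a filesystem search for *.jar.
SAMPLE_PATHS = [
    "/opt/app/lib/log4j-core-2.14.1.jar",
    "/opt/app/lib/log4j-core-2.0-beta8.jar",
    "/srv/svc/WEB-INF/lib/log4j-core-2.0-beta9.jar",
    "/srv/svc/WEB-INF/lib/log4j-api-2.14.1.jar",
    "/opt/old/log4j-core-2.15.0.jar",
    "/opt/old/log4j-core-custom.jar",
]

if __name__ == "__main__":
    for path, status in audit_jars(SAMPLE_PATHS).items():
        print(f"{status:35} {path}")
```

"outside range" means only that the version falls outside the range stated in the summary. A filename check also misses copies of the library that are repackaged inside other archives, so an "unknown" or empty result still calls for manual inspection.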