title: 〖工具〗log4Shell核弹级漏洞复现&Ladon批量检测
comments: true
toc: true
categories:
-
- exp
tags:
- exp
- Log4j2
abbrlink: log4shell
date: 2021-12-16 19:24:00
img: https://img-blog.csdnimg.cn/20210117163103552.jpg
漏洞简介
Apache Log4j2是一款优秀的Java日志框架。近日,漏洞银行安全团队注意到了Apache Log4j2远程代码执行漏洞。由于Apache Log4j2某些功能存在递归解析功能,攻击者可直接构造恶意请求,触发远程代码执行漏洞。
漏洞原理
Apache Log4j2 中存在JNDI注入漏洞,当程序将用户输入的数据进行日志记录时,即可触发此漏洞,成功利用此漏洞可以在目标服务器上执行任意代码。
影响版本
Apache Log4j 2.0 <= 2.15.0-rc1
影响产品
Apache Struts
Apache Struts 2
Apache Solr
Apache Druid
Apache Flink
Apache Spark
Apache Tomcat
ElasticSearch
Flume
Apache Dubbo
Logstash
Kafka
Spring-Boot-starter-log4j2
RedHat Not all RedHat packages are vulnerable, but some of the Openshift and JBoss packages are affected. https://access.redhat.com/security/cve/cve-2021-4
Jenkins Although Jenkins Core is not affected by default, plug-ins installed in Jenkins can use the vulnerable version of Log4J. There is also a method to verify if any of the plug-ins installed uses Log4j. The second link contains a list of the vulnerable versions of the plug-in that have been found as of this writing.
https://www.jenkins.io/blog/2021/12/10/log4j2-rce-CVE-2021-44228/
https://issues.jenkins.io/browse/JENKINS-67353?focusedCommentId=416946&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-416946
Apache Solr Apache Solr releases prior to 7.4 are affected. https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228
VMWare Multiple products are affected. https://www.vmware.com/security/advisories/VMSA-2021-0028.html
Citrix Investigation pending https://support.citrix.com/article/CTX335705
Atlassian Atlassian is vulnerable if the default configuration was modified. https://confluence.atlassian.com/kb/faq-for-cve-2021-44228-1103069406.html
NetApp Multiple NetApp products are vulnerable. https://security.netapp.com/advisory/ntap-20211210-0007/
PS: 除了本文列的这些产品,还有很多产品受到影响,具体可Go