[ home / overboard ] [ soy / qa / raid / r ] [ int / pol ] [ a / an / asp / biz / mtv / r9k / tech / v / sude / x ] [ q / news / chive / rules / pass / bans / status ] [ wiki / booru / irc ]

A banner for soyjak.party

/tech/ - Soyence and Technology

Download more RAM for your Mac here
Catalog
Email
Subject
Comment
File
Password (For file deletion.)

File: de54eb6d-c2a9-435e-8e0d-6….jpeg 📥︎ (96.45 KB, 800x800) ImgOps

 31727[Quote]

i have ubuntu18.04 running on vm with unifi-video, i want to test if it is vulnerable to Log4j2 and i want to make a poc.

[code]unzip -l /usr/lib/unifi-video/lib/log4j-core-2.1.jar | grep -i JndiLookup[/code]
ths look up shows that my unifi-video 3.10.3 does have the vulnerable JndiLookup thingy. It also seems to have all the requirements for a proper RCE to work BUT FUCK FUCK FUCK I JUST CANT FUCKING EXPLOIT IT WHAT THE FUCK


https://github.com/puzzlepeaches/Log4jUnifi
i tried this shti and modified so instead of /api/login it sends the request to /api/2.0/login which is the actual endpont unifi-video expects. Has any of you niggas had experience with this shit please help a nigga out.

[Return][Catalog][Go to top][Post a Reply]
Delete Post [ ]
[ home / overboard ] [ soy / qa / raid / r ] [ int / pol ] [ a / an / asp / biz / mtv / r9k / tech / v / sude / x ] [ q / news / chive / rules / pass / bans / status ] [ wiki / booru / irc ]