Exploit for Deserialization of Untrusted Data in Apache Log4J CVE-2021-44228 CVE-2021-45046

## https://sploitus.com/exploit?id=21F23081-849E-5B0D-AB61-A8EB37CA0B38
## CVE-2021-44228: Log4j / Log4Shell Security Research Summary

<p align="center">
  <img width="300" height="300" src="https://github.com/0xsyr0/log4shell/blob/main/files/log4shell_logo.png">
</p>

This repository contains all gathered resources we used during our Incident Reponse on CVE-2021-44228 and CVE-2021-45046 aka Log4Shell.

- [Threat Intel](https://github.com/0xsyr0/log4shell/blob/main/Threat-Intel.md)
- [Mitigations / Fixes](https://github.com/0xsyr0/log4shell/blob/main/Mitigations-Fixes.md)
- [Malware Reports](https://github.com/0xsyr0/log4shell/blob/main/Malware-Reports.md)
- [Advisory](https://github.com/0xsyr0/log4shell/blob/main/Advisory.md)
- [IOCs / Callback Domains / IP Addresses](https://github.com/0xsyr0/log4shell/blob/main/IOCs-Callback-Domains-IP-Addresses.md)
- [Honeypots](https://github.com/0xsyr0/log4shell/blob/main/Honeypots.md)
- [Payloads / Obfuscation / WAF Bypass](https://github.com/0xsyr0/log4shell/blob/main/Payloads-Obfuscation-WAF-Bypass.md)
- [Vulnerability Scanning](https://github.com/0xsyr0/log4shell/blob/main/Vulnerability-Scanning.md)
- [Exploitation](https://github.com/0xsyr0/log4shell/blob/main/Exploitation.md)
- [Trainings](https://github.com/0xsyr0/log4shell/blob/main/Trainings.md)

Thanks to Malware Unicorn for the logo!

Source: https://malwareunicorn.org/log4shell_logo.png