Share
## https://sploitus.com/exploit?id=2E946B1D-12B1-56D1-A72E-A3026C240B1D
# CVE-2021-44228 Helpers

Helpers, examples, and exploits for cve-2021-44228. Associated blog post: https://blog.uint0.dev/cve-2021-44228/

## Helpers

### Echo chamber

`cd echochamber`

Logs input via log4j.

**Build**: `./gradlew build`

**Run**: `./gradlew run --console=plain`

### Ldap Exfil Server

`cd ldap-listener`

Ldap server that logs requests to allow for exfiltration

**Build**: `pip install -r requirements.txt`

**Run**: `python3 listener.py <port>`


## Vulnerable applications

### Spring Hibernate

`cd spring-hibernate-ex`

A sample app using Spring and Hibernate that's vulnerable to RMI deserialization.

**Build**: `./gradlew build`

**Run**: `./gradlew bootRun`


### Class Inclusion

`cd class-inclusion-ex`

A sample app with `com.sun.jndi.ldap.object.trustURLCodebase=true` thats vulnerable to class inclusion

**Build**: `./gradlew build`

**Run**: `./gradlew run --console=plain`

## Exploits

### Exploit Class Inclusion

`cd exploit-class-inclusion`

Simple instructions on how to exploit class inclusion.

### Exploit RMI Deserialization

`cd exploit-rmi-deserialization`

Simple on how to exploit RMI Deserialization for the `spring-hibernate-ex` example.

## Troubleshooting

Everything was tested with java 11 (`sdk use java 11.0.11.j9-adpt`).