Exploit for Deserialization of Untrusted Data in Apache Log4J

Name: Exploit for Deserialization of Untrusted Data in Apache Log4J
Rating: 5 (379 reviews)

2021-12-13 | CVSS 8.8

## https://sploitus.com/exploit?id=608B43BB-B31C-5B8A-A962-A58902AEBF2E
# Log4j-RCE-Exploiter
Scanner for Log4j RCE CVE-2021-44228


![Log4j RCE Scanner Image](https://github.com/thecyberneh/Log4j-RCE-Exploiter/blob/main/log4j.png "Log4j Exploiter")

# Installation
For installation, Run the Following command with SUPERUSER (ROOT)
```
▶ cd Log4j-RCE-Exploiter

▶ chmod 777 installer.sh

▶ ./installer.sh
```

# Usage

```

▶ log4jExploiter -d tesla.com -b 6nuulng8dd2sivtd3kht31s9e0kq8f.burpcollaborator.net

-h, --help              Display help                                                                                                                                                          
-l, --url-list          List of domain/subdomain/ip to be used for scanning.                                                                                                                  
-d, --domain            The domain name to which all subdomains and itself will be checked.                                                                                                   
-b, --burpcollabid      Burp collabrator client id address or interactsh domain address.    

```