## https://sploitus.com/exploit?id=6A34D9C3-C290-5763-BAF4-F1D6351C4BA2
# CVE-2021-44228-Demo
This project for prove and testing zero-day log4j exploit
# verify dependency
./mvnw dependency:list
# patch
A set ENV LOG4J_FORMAT_MSG_NO_LOOKUPS=true
B add vm option -Dlog4j2.formatMsgNoLookups=true
C.1 add properties log4j2.formatMsgNoLookups=true (NOT WORK)
C.2 add properties log4j.formatMsgNoLookups=true (NOT WORK)
D update <log4j2.version>2.15.0</log4j2.version>
E in log4j2.xml replace %m with %m{nolookups}