Exploit for Deserialization of Untrusted Data in Apache Log4J CVE-2021-44228

Name: Exploit for Deserialization of Untrusted Data in Apache Log4J CVE-2021-44228
Rating: 5 (232 reviews)

2021-12-13 | CVSS 9.3

## https://sploitus.com/exploit?id=C1878361-BBB3-5A2F-8212-945883518690
#  CVE-2021-44228!

The current program remove the class "org/apache/logging/log4j/core/lookup/JndiLookup.class" from your zip, jar, war, ear archive.
# Before use
- Follow the guide https://www.lunasec.io/docs/blog/log4j-zero-day-mitigation-guide/ before using.
- The utility will help your to apply "Modify your log4j .jar manually" step if required
# How to run
Execute the program before starting your server
- wget https://github.com/AlexandreHeroux/Fix-CVE-2021-44228/raw/main/dist/fix-CVE-2021-44228-1.0.1.jar
- java -jar fix-CVE-2021-44228-1.0.1.jar /yourFolder