Exploit for Deserialization of Untrusted Data in Apache Log4J CVE-2021-44228

Name: Exploit for Deserialization of Untrusted Data in Apache Log4J CVE-2021-44228
Rating: 5 (326 reviews)

2021-12-10 | CVSS 9.3

## https://sploitus.com/exploit?id=C3153E8C-0590-5D96-8EDC-AEE7E129246E
# CVE-2021-44228-Log4Shell-Hashes
Hashes for vulnerable LOG4J versions

Created to help orgs search for this vulnerable versions

https://www.lunasec.io/docs/blog/log4j-zero-day/

Source of the hashes: https://archive.apache.org/dist/logging/log4j/

- ~~Possibly 1.X affected to https://github.com/apache/logging-log4j2/pull/608~~
- Version 1.0 is NOT vulnerable: https://twitter.com/ceki/status/1469449618316533762?s=20


- Detection Rules: https://gist.github.com/Neo23x0/e4c8b03ff8cdf1fa63b7d15db6e3860b
- VMware Vulnerable: https://www.randori.com/blog/cve-2021-44228/
- Proof of Concept JNDI/LDAP server: https://github.com/veracode-research/rogue-jndi