Exploit for Deserialization of Untrusted Data in Apache Log4J CVE-2021-44228

## https://sploitus.com/exploit?id=D77DEF60-6E7D-5708-B9F2-DB4EA3E38C23
# CVE-2021-44228-quickfix-script
Use environment variable to disable lookup.

## 中文介绍
请移步 [这里](https://www.ghostchu.com/cve-2021-44228-log4j2-%e8%bf%9c%e7%a8%8b%e4%bb%a3%e7%a0%81%e6%89%a7%e8%a1%8c%e6%bc%8f%e6%b4%9e%e5%bf%ab%e9%80%9f%e4%bf%ae%e5%a4%8d%e8%84%9a%e6%9c%ac/)

## Linux
```bash
wget -O fix_linux.sh https://raw.githubusercontent.com/Ghost-chu/CVE-2021-44228-quickfix-script/master/fix_linux.sh
sudo chmod +x fix_linux.sh
sudo ./fix_linux.sh
```

## Windows

### With PowerShell
```powershell
wget -Uri "https://raw.githubusercontent.com/Ghost-chu/CVE-2021-44228-quickfix-script/master/fix_windows.bat" -OutFile "fix_windows.bat" 
.\fix_windows.bat
```

### With CMD
Download the script from `https://raw.githubusercontent.com/Ghost-chu/CVE-2021-44228-quickfix-script/master/fix_windows.bat`  
Double-Click to install.

## Root/Administrator?

This script can both running under admin/root or normal-user, but if you run it under normal-user level, it will only patch the user which who execute it.