## https://sploitus.com/exploit?id=E59C9A70-6F3E-5CF6-9F15-B0039E0FBAF1
# IMPORTANT DISCLAIMER
**THIS SCRIPT CAN LAND YOU IN SERIOUS TROUBLE. THIS IS FOR RESEARCH AND AUTHORISED PEN TESTING ONLY.**
**DO NOT DO ILLEGAL SHIT. THIS SCRIPT IS A BASIC EXPLOITATION OF CVE-2021-44228 AND THE METHOD USED IN THIS SCRIPT IS EASILY MITIGATED FOR A REASON.**
# Log4Me
A tool to automatically obtain a shell using CVE-2021-44228, using marshalsec.
Requires GitPython and thats about it!
## Setup
Make sure that python has permission to access the directory that this script is in.
## Usage
Just run the script! All prompts are available from within the python shell.
```
sudo ./Log4Me.py
```
# Thanks
mbechler - This script relies on marshalsec in order to handle the LDAP request sent by log4j. (https://github.com/mbechler/marshalsec)
John Hammond - This script is an automation of the TryHackMe room created by himself. (https://tryhackme.com/room/solar)
The whole Cyber Security community - Working tirelessly to mitigate and patch! Heroes <3
**The OG5**