What is Log4j vulnerability? How to test for Log4j vulnerability?

The Log4j vulnerability is a flaw in Log4j, a library used for logging errors and events in Java-based applications. It lets an attacker execute code remotely on a vulnerable machine by sending the application a specially crafted string, which can compromise the server and run whatever software the attacker chooses. The vulnerability is triggered when an attacker places a JNDI lookup, pointing at a server under their control, in a field that is likely to be logged, such as an HTTP header. Once Log4j logs that string, the server is queried and returns directory information that leads to the download and execution of a malicious Java class.

How to test for Log4j vulnerability?

There are several ways to test for the Log4j vulnerability. One way is to check whether your application pulls in a vulnerable version of Log4j by running the following command in a Maven project: mvn dependency:tree -Dincludes=org.apache.logging.log4j:log4j-core
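The version check above can be automated by parsing the output of that Maven command. The following script is an added example and is not part of the original article or of any of the tools it names; the sample dependency:tree output is constructed, and the cut-off of 2.17.1 (the oldest 2.x release that closes CVE-2021-44228 and its follow-up CVEs on Java 8) is an assumption you should align with your own patching policy.

```python
import re
import subprocess
from typing import List, Tuple

# Assumption (not from the article): 2.17.1 is the oldest 2.x release that
# closes CVE-2021-44228 and the follow-up Log4Shell CVEs on Java 8.
FIXED_VERSION = (2, 17, 1)

# Coordinate as printed by `mvn dependency:tree`:
#   groupId:artifactId:type[:classifier]:version:scope
DEP_RE = re.compile(
    r"org\.apache\.logging\.log4j:log4j-core:[\w-]+(?::[\w-]+)?:([0-9][\w.-]*):\w+"
)

# Constructed sample of dependency:tree output for a hypothetical project.
SAMPLE_TREE = r"""
[INFO] --- maven-dependency-plugin:3.3.0:tree (default-cli) @ demo-app ---
[INFO] com.example:demo-app:jar:1.0.0
[INFO] +- org.apache.logging.log4j:log4j-api:jar:2.14.1:compile
[INFO] +- org.apache.logging.log4j:log4j-core:jar:2.14.1:compile
[INFO] \- com.example:internal-lib:jar:3.2.0:compile
[INFO]    \- org.apache.logging.log4j:log4j-core:jar:2.17.1:compile
"""


def parse_version(text: str) -> Tuple[int, ...]:
    """Reduce '2.14.1' or '2.0-beta9' to its first three numeric fields."""
    nums = re.findall(r"\d+", text)
    return tuple(int(n) for n in nums[:3])


def find_log4j_core(tree_output: str) -> List[str]:
    """Every log4j-core version in the tree, in order of appearance."""
    return [m.group(1) for m in DEP_RE.finditer(tree_output)]


def vulnerable_versions(tree_output: str) -> List[str]:
    """Subset of find_log4j_core() that is older than FIXED_VERSION."""
    return [v for v in find_log4j_core(tree_output)
            if parse_version(v) < FIXED_VERSION]


def scan_maven_project(path: str) -> List[str]:
    """Run the command from the article in a project directory and flag versions."""
    proc = subprocess.run(
        ["mvn", "-B", "dependency:tree", "-Dincludes=org.apache.logging.log4j:log4j-core"],
        cwd=path, capture_output=True, text=True, check=True)
    return vulnerable_versions(proc.stdout)


if __name__ == "__main__":
    print("flagged:", vulnerable_versions(SAMPLE_TREE))  # flagged: ['2.14.1']
```

Note that a transitive copy (the second log4j-core line in the sample) is reported separately from the direct one, so a patched direct dependency does not hide an older version pulled in by another library.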

Another way is to use an open-source tool, the Huntress Log4Shell vulnerability tester, which generates a string you can supply as input to the application you want to check.

You can also scan your system for the Apache Log4j vulnerability with an open-source tool called Apache Log4j CVE-2021-44228, developed by Adil Soybali. Other open-source tools you can use to scan your system include the CISA Log4j Scanner, the Huntress Labs log4shell tester, and the Trend Micro Log4j Vulnerability Tester.

About Contynuiti for ethical hackers

The test for the Log4j vulnerability can be written as an attack flow in Contynuiti, and its execution can be set up as an automation. To discuss how this would work for your organization, set up a call through the link here.
