Skip to content
/ log4py Public

pythonic pure python RCE exploit for CVE-2021-44228 log4shell

2 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

dotPY-hax/log4py

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
README.md
README.md
 
 
attacks.py
attacks.py
 
 
exploit.py
exploit.py
 
 
handlers.py
handlers.py
 
 
payloads.py
payloads.py
 
 

Repository files navigation

log4py

pythonic pure python RCE exploit for CVE-2021-44228 log4shell

  1. run a vulnerable service like https://github.com/zzzz0317/log4j2-vulnerable-spring-app
  2. change settings in exploit.py
  3. pwn

This is for educational use only (mostly for my own lol)
This might only be useful after some alterations
if you do illegal stuff - fuck you

#TODO:

  • Add compilation capability through javac for more version flexibility
  • Add more Attack classes for other services
  • Add more of everything!
  • Actual tests (lol)
  • Get out of poc stage

About

pythonic pure python RCE exploit for CVE-2021-44228 log4shell

Topics

python exploit log4j rce pythonic cve-2021-44228

Resources

Readme
Activity

Stars

2 stars

Watchers

1 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages