Hey Guys in this video I have shared about the Log4j RCE Vulnerability which found in the recent days. and also i have explained this with a sample vulnerable application which uses the log4j 14.0 version for better understanding.
This Video includes log4j vulnerable lab setup plus exploitation for learning the attack.
The lab is downloaded from the following GitHub repo : github.com/leonjza/log4jpwn
Video Time Stamp
------------------------------
00:00 - 01:06 - Introduction about the Vulnerability
01:07 - 03:13 - What are Logs and Log4j
03:13 - 04:10 - What is Lookups in Log4j
04:10 - 05:16 - What is JNDI Lookup in Log4j
05:16 - 07:44 - What is LDAP and it use in JDNI
07:44 - 10:03 - RCE - Attack scenario
10:04 - 14:27 - Vulnerable Lab Setup
14:28 - 19:43 - Attack Demo
19:43 - 22:00 - Vulnerability Remediation
22:00 - 22:54 - End of Video
-------------------------------
Follow me
Linked In: / arun-kumar-r-218972115
Twitter : / arunkanish1998