Log4Shell
Last updated
Was this helpful?
Last updated
Was this helpful?
Check this for more info To check for Log4Shell exploit :
Then url encode it and send through burp after intercepting:
Listening on nc:
We get some weird characters back.
Then send the payload:
Sending the url encoded payload in burpsuite.
Now we get a shell back:
Then we can use a Download and execute