
CVE-2021-44228 - Log4j - MINECRAFT VULNERABLE! (and SO MUCH MORE)




Added by john in Minecraft Servers
4 Views

Description

Timestamps (HUGE thanks to deetee in the comments for putting these together!!!):

0:00 - Introduction
0:49 - Tweet on gaining RCE via Minecraft
1:16 - Overview of topics covered in video
1:57 - Context surrounding Log4j exploit
3:08 - Blog posts & GitHub repositories on CVE-2021-44228
3:58 - [Demo] Exploiting Log4j to get a callback to attacker-controlled server
6:58 - [Demo] Exploiting Log4j via unpatched Minecraft server (Spawning calc.exe)
21:00 - [Demo] Exploiting Log4j via unpatched Minecraft server (Spawning a reverse shell)
24:30 - How the industry is responding from a defence perspective
27:37 - Industry chatter surrounding CVE-2021-44228
28:52 - Blog post discussion
29:28 - Open Source Log4Shell Vulnerability Tester
32:28 - Conclusion

Detection:
https://twitter.com/thinkstcanary/status/1469439743905697797?s=21
https://twitter.com/an0maious/status/1469350532548632581
https://twitter.com/an0n_r0/status/1469643986403008515
Threats:
https://twitter.com/zom3y3/status/1469508032887414784
Bypasses:
https://twitter.com/Rezn0k/status/1469523006015750146



For more content, subscribe on Twitch! https://twitch.tv/johnhammond010
If you would like to support me, please like, comment & subscribe, and check me out on Patreon: https://patreon.com/johnhammond010
PayPal: https://paypal.me/johnhammond010
E-mail: [email protected]
Discord: https://johnhammond.org/discord
Twitter: https://twitter.com/_johnhammond
GitHub: https://github.com/JohnHammond

If you would like to support the channel and me, check out Kite! Kite is a coding assistant that helps you code faster, on any IDE, offering smart completions and documentation. https://www.kite.com/get-kite/?utm_medium=referral&utm_source=youtube&utm_campaign=johnhammond&utm_content=description-only (disclaimer, affiliate link)
