Log4Shell
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 

876 B

Attacker

Hosts an ldap with data from ldap/*.ldif files

Hosts an HTTP server serving built classes from files in ./src You have to compile those files with

javac http/src/*.java -d /http/output/

Usage

Build and run ldap

docker build ldap -t badldap
docker run --rm -d -p 1389:389 badldap

Test ldap

ldapsearch -x -H ldap://localhost:1389 -b 'dc=example,dc=org' 

Build and run http

docker build http -t badhttp
docker run --rm -d -p 8088:3000 badhttp

Everything

docker kill `docker ps -f ancestor=badldap -f ancestor=badhttp --format "{{.Names}}"` 2> /dev/null; docker build ldap -t badldap; docker build http -t badhttp; docker run --rm -d -p 1389:389 badldap; docker run --rm -d -p 8088:3000 badhttp

Logs for name in docker ps -f ancestor=badldap -f ancestor=badhttp --format "{{.Names}}"; do docker logs -f $name &; done