))
Log4shell, Log4j exploit or Log4what, is that a new crossfit trend?
Manage episode 320821161 series 3217077
Kandungan disediakan oleh Theo. Semua kandungan podcast termasuk episod, grafik dan perihalan podcast dimuat naik dan disediakan terus oleh Theo atau rakan kongsi platform podcast mereka. Jika anda percaya seseorang menggunakan karya berhak cipta anda tanpa kebenaran anda, anda boleh mengikuti proses yang digariskan di sini https://ms.player.fm/legal.
Today’s episode covers the vulnerability affecting Java logging package, Log4j. This episode took a little longer to make than expected due to its complexity. Please see links below used to create the episode.
TryHackMe’s Solar, exploiting log4j https://tryhackme.com/room/solar
The Log4J Vulnerability Will Haunt the Internet for Years https://www.wired.com/story/log4j-log4shell/
Huntress Log4Shell Vulnerability Tester https://log4shell.huntress.com/
Apache logging services https://logging.apache.org/
The Apache Software Foundation https://www.apache.org/
USB our Guest - Episode 22 Updates - https://anchor.fm/usbog/episodes/Software-Updates-emgnsh
Log4j Attack surface - https://github.com/YfryTchsGD/Log4jAttackSurface
Log4j - Apache Log4j Security Vulnerabilities - https://logging.apache.org/log4j/2.x/security.html
JDBC Appender https://logging.apache.org/log4j/2.x/manual/appenders.html#JDBCAppender
Apache Log4j Security Vulnerabilities https://logging.apache.org/log4j/2.x/security.html
What is JDBC? https://www.ibm.com/docs/en/informix-servers/12.10?topic=started-what-is-jdbc
Lesson: Overview of JNDI https://docs.oracle.com/javase/tutorial/jndi/overview/index.html
W3Schools - Addressing https://www.w3.org/Addressing/URL/uri-spec.html
Amazon Affiliate link - https://amzn.to/3rpF5KI
45 episod
Kongsi
