CVEs-PoC/2017/CVE-2017-5645.md

CVE-2017-5645

Description

In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.

POC

Reference

• http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
• http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
• http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
• http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
• http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
• http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
• https://www.oracle.com/security-alerts/cpuApr2021.html
• https://www.oracle.com/security-alerts/cpuApr2021.html
• https://www.oracle.com/security-alerts/cpuapr2020.html
• https://www.oracle.com/security-alerts/cpuapr2020.html
• https://www.oracle.com/security-alerts/cpujan2020.html
• https://www.oracle.com/security-alerts/cpujan2020.html
• https://www.oracle.com/security-alerts/cpujan2021.html
• https://www.oracle.com/security-alerts/cpujan2021.html
• https://www.oracle.com/security-alerts/cpujan2022.html
• https://www.oracle.com/security-alerts/cpujan2022.html
• https://www.oracle.com/security-alerts/cpujul2020.html
• https://www.oracle.com/security-alerts/cpujul2020.html
• https://www.oracle.com/security-alerts/cpuoct2020.html
• https://www.oracle.com/security-alerts/cpuoct2020.html
• https://www.oracle.com/security-alerts/cpuoct2021.html
• https://www.oracle.com/security-alerts/cpuoct2021.html
• https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
• https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
• https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
• https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

Github

• https://github.com/ADP-Dynatrace/dt-appsec-powerup
• https://github.com/ARPSyndicate/cvemon
• https://github.com/AdeliaNitzsche/Java-Deserialization-Cheat-Sheet
• https://github.com/Anonymous-Phunter/PHunter
• https://github.com/BrittanyKuhn/javascript-tutorial
• https://github.com/CGCL-codes/PHunter
• https://github.com/CrackerCat/myhktools
• https://github.com/GhostTroops/myhktools
• https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet
• https://github.com/HackJava/HackLog4j2
• https://github.com/HackJava/Log4j2
• https://github.com/HynekPetrak/log4shell-finder
• https://github.com/Marcelektro/Log4J-RCE-Implementation
• https://github.com/PalindromeLabs/Java-Deserialization-CVEs
• https://github.com/SexyBeast233/SecBooks
• https://github.com/Threekiii/Awesome-POC
• https://github.com/Threekiii/Vulhub-Reproduce
• https://github.com/bakery312/Vulhub-Reproduce
• https://github.com/cyberharsh/log4j
• https://github.com/do0dl3/myhktools
• https://github.com/f-this/f-apache
• https://github.com/gumimin/dependency-check-sample
• https://github.com/hktalent/myhktools
• https://github.com/hxysaury/saury-vulnhub
• https://github.com/iqrok/myhktools
• https://github.com/klausware/Java-Deserialization-Cheat-Sheet
• https://github.com/logpresso/CVE-2021-44228-Scanner
• https://github.com/ltslog/ltslog
• https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet
• https://github.com/pen4uin/awesome-vulnerability-research
• https://github.com/pen4uin/vulnerability-research
• https://github.com/pen4uin/vulnerability-research-list
• https://github.com/pimps/CVE-2017-5645
• https://github.com/shadow-horse/CVE-2019-17571
• https://github.com/spmonkey/spassassin
• https://github.com/thl-cmk/CVE-log4j-check_mk-plugin
• https://github.com/touchmycrazyredhat/myhktools
• https://github.com/trhacknon/CVE-2021-44228-Scanner
• https://github.com/trhacknon/log4shell-finder
• https://github.com/trhacknon/myhktools
• https://github.com/woods-sega/woodswiki
• https://github.com/zema1/oracle-vuln-crawler