How Hackers Exploit Log4J to Get a Reverse Shell (Ghidra Log4Shell Demo) | HakByte скачать в хорошем качестве

How Hackers Exploit Log4J to Get a Reverse Shell (Ghidra Log4Shell Demo) | HakByte

On this episode of HakByte, ‪@AlexLynd‬ demonstrates a Log4Shell attack against Ghidra, and shows how a reverse shell can be established on compromised systems running the vulnerable Log4J Java framework. This framework runs on millions of Java powered devices and was recently exploited, exposing a dangerous vulnerability that uses a single line of code to hack vulnerable systems. Links: Ghidra 10.0.3 Download: https://github.com/NationalSecurityAg... Log4Shell Demo: https://github.com/kozmer/log4j-shell... Alex's Twitter:   / alexlynd   Alex's Website: http://alexlynd.com Alex's GitHub: https://github.com/AlexLynd Alex's Youtube:    / alexlynd   Chapters: Intro ‪@AlexLynd‬ 00:00 What is Log4J? 00:16 Log4Shell Exploit Explained 00:40 Vulnerable Programs 01:11 Set up the Log4Shell Demo 02:33 Create a Webserver 03:11 Netcat Reverse Shell Listener 04:01 Set up Log4Shell Demo 05:01 Log4Shell String Explained 05:45 Ghidra Setup 06:24 Log4Shell Attack Demo 07:01 Netcat Reverse Shell 07:39 Outro 08:00 Hak5 -- Cyber Security Education, Inspiration, News & Community since 2005: -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆ Our Site → https://www.hak5.org Shop → http://hakshop.myshopify.com/ Subscribe → https://www.youtube.com/user/Hak5Darr... Support →   / threatwire   Contact Us →   / hak5   Threat Wire RSS → https://shannonmorse.podbean.com/feed/ Threat Wire iTunes → https://itunes.apple.com/us/podcast/t... -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆ ____________________________________________ Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.