How Hackers Exploit Log4J to Get a Reverse Shell (Ghidra Log4Shell Demo) | HakByte

On this episode of HakByte, Alex Lynd demonstrates a Log4Shell attack against Ghidra, and shows how a reverse shell can be established on compromised systems running the vulnerable Log4J Java framework.
This framework runs on millions of Java powered devices and was recently exploited, exposing a dangerous vulnerability that uses a single line of code to hack vulnerable systems.

To support the HakByte show, check out our webstore at

Links:
Ghidra 10.0.3 Download:
Log4Shell Demo:

Alex’s Twitter:
Alex’s Website:
Alex’s GitHub:
Alex’s Youtube:

Chapters:
Intro 00:00
What is Log4J? 00:16
Log4Shell Exploit Explained 00:40
Vulnerable Programs 01:11
Set up the Log4Shell Demo 02:33
Create a Webserver 03:11
Netcat Reverse Shell Listener 04:01
Set up Log4Shell Demo 05:01
Log4Shell String Explained 05:45
Ghidra Setup 06:24
Log4Shell Attack Demo 07:01
Netcat Reverse Shell 07:39
Outro 08:00

Hak5 — Cyber Security Education, Inspiration, News & Community since 2005:

—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆
Our Site →
Shop →
Subscribe →
Support →
Contact Us →
Threat Wire RSS →
Threat Wire iTunes →
—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆

____________________________________________
Founded in 2005, Hak5’s mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong. .

Concluzion: How Hackers Exploit Log4J to Get a Reverse Shell (Ghidra Log4Shell Demo) | HakByte – hak5,hack,technology,darren kitchen,shannon morse,snubs,hack5,hacker,red team,pentest,pentester,pentesting,penetration testing,cyber security,information security,infosec,Alex lynd,Alex Lynd Youtube,ghidra,log4j,log4j exploit,log4j attack,log4j demo,log4shell,log4shell demo,hacking,hacks,reverse shell,netcat,netcat reverse shell,ghidra exploit,log4j explained,log4shell explained

source