How Hackers Exploit Log4J to Get a Reverse Shell (Ghidra Log4Shell Demo) | HakByte

On this episode of HakByte, https://www.seevid.ir/fa/result?ytch=UC92rvEjR-5ggjVUotRK8UQA demonstrates a Log4Shell attack against Ghidra, and shows how a reverse shell can be established on compromised systems running the vulnerable Log4J Java framework. This framework runs on millions of Java powered devices and was recently exploited, exposing a dangerous vulnerability that uses a single line of code to hack vulnerable systems. Links: Ghidra 10.0.3 Download: https://github.com/NationalSecurityAgency/ghidra/releases/tag/Ghidra_10.0.3_build Log4Shell Demo: https://github.com/kozmer/log4j-shell-poc Alex's Twitter: https://twitter.com/AlexLynd Alex's Website: http://alexlynd.com/ Alex's GitHub: https://github.com/AlexLynd Alex's Youtube: Chapters: Intro https://www.seevid.ir/fa/result?ytch=UC92rvEjR-5ggjVUotRK8UQA https://www.seevid.ir/fa/w/lBxZL98uvdk What is Log4J? https://www.seevid.ir/fa/w/lBxZL98uvdk Log4Shell Exploit Explained https://www.seevid.ir/fa/w/lBxZL98uvdk Vulnerable Programs https://www.seevid.ir/fa/w/lBxZL98uvdk Set up the Log4Shell Demo https://www.seevid.ir/fa/w/lBxZL98uvdk Create a Webserver https://www.seevid.ir/fa/w/lBxZL98uvdk Netcat Reverse Shell Listener https://www.seevid.ir/fa/w/lBxZL98uvdk Set up Log4Shell Demo https://www.seevid.ir/fa/w/lBxZL98uvdk Log4Shell String Explained https://www.seevid.ir/fa/w/lBxZL98uvdk Ghidra Setup https://www.seevid.ir/fa/w/lBxZL98uvdk Log4Shell Attack Demo https://www.seevid.ir/fa/w/lBxZL98uvdk Netcat Reverse Shell https://www.seevid.ir/fa/w/lBxZL98uvdk Outro https://www.seevid.ir/fa/w/lBxZL98uvdk Hak5 -- Cyber Security Education, Inspiration, News & Community since 2005: -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆ Our Site → https://www.hak5.org/ Shop → Subscribe → Support → https://www.patreon.com/threatwire Contact Us → http://www.twitter.com/hak5 Threat Wire RSS → https://shannonmorse.podbean.com/feed/ Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999 -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆ ____________________________________________ Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.

• #science_technology
• #hak5
• #hack
• #technology
• #darren_kitchen
• #shannon_morse
• #snubs
• #hack5
• #hacker
• #red_team
• #pentest
• #pentester
• #pentesting
• #penetration_testing
• #cyber_security
• #information_security
• #infosec
• #alex_lynd
• #alex_lynd_youtube
• #ghidra
• #log4j
• #log4j_exploit
• #log4j_attack
• #log4j_demo
• #log4shell
• #log4shell_demo
• #hacking
• #hacks
• #reverse_shell
• #netcat
• #netcat_reverse_shell
• #ghidra_exploit
• #log4j_explained
• #log4shell_explained