CVE-2021-44228 - Log4j - Minecraft Vulnerable and So Much More
Offered By: John Hammond via YouTube
Course Description
Overview
Explore a comprehensive video tutorial on the critical CVE-2021-44228 Log4j vulnerability, focusing on its impact on Minecraft and other systems. Learn about the context of the exploit, view demonstrations of attacks on unpatched Minecraft servers, and understand industry responses to this security threat. Gain insights into detection methods, potential threats, and bypass techniques. Discover how to use an open-source vulnerability tester and stay informed about the latest developments in this significant cybersecurity issue.
Syllabus
- Introduction.
- Tweet on gaining RCE via Minecraft.
- Overview of topics covered in video.
- Context surrounding Log4j exploit.
- Blog posts & Github repositories on CVE-2021-44228.
- [Demo] Exploiting Log4j to get a callback to attacker-controlled server.
- [Demo] Exploiting Log4j via unpatched Minecraft server (Spawning calc.exe).
- [Demo] Exploiting Log4j via unpatched Minecraft server (Spawning a reverse shell).
- How the industry is responding from a defense perspective.
- Industry chatter surrounding CVE-2021-44228.
- Blog post discussion.
- Open Source Log4Shell Vulnerability Tester.
- Conclusion.
Taught by
John Hammond
Related Courses
Network SecurityGeorgia Institute of Technology via Udacity Proactive Computer Security
University of Colorado System via Coursera Identifying, Monitoring, and Analyzing Risk and Incident Response and Recovery
(ISC)² via Coursera Hacker101
HackerOne via Independent CNIT 127: Exploit Development
CNIT - City College of San Francisco via Independent