CVE-2021-44228 - Log4j - MINECRAFT VULNERABLE! (and SO MUCH MORE)

Timestamps (HUGE thanks to deetee in the comments for putting these together!!!):

0:00 - Introduction
0:49 - Tweet on gaining RCE via Minecraft
1:16 - Overview of topics covered in video
1:57 - Context surrounding Log4j exploit
3:08 - Blog posts & Github repositories on CVE-2021-44228
3:58 - [Demo] Exploiting Log4j to get a callback to attacker-controlled server
6:58 - [Demo] Exploiting Log4j via unpatched Minecraft server (Spawning calc.exe)
21:00 - [Demo] Exploiting Log4j via unpatched Minecraft server (Spawning a reverse shell)
24:30 - How the industry is responding from a defense perspective
27:37 - Industry chatter surrounding CVE-2021-44228
28:52 - Blog post discussion
29:28 - Open Source Log4Shell Vulnerability Tester
32:28 - Conclusion

Detection:
https://twitter.com/thinkstcanary/sta...
  / 1469350532548632581  
  / 1469643986403008515  
Threats:
  / 1469508032887414784  
Bypasses:
  / 1469523006015750146  



For more content, subscribe on Twitch!   / johnhammond010  
If you would like to support me, please like, comment & subscribe, and check me out on Patreon:   / johnhammond010  
PayPal: https://paypal.me/johnhammond010
E-mail: [email protected]
Discord: https://johnhammond.org/discord
Twitter:   / _johnhammond  
GitHub: https://github.com/JohnHammond

If you would like to support the channel and I, check out Kite! Kite is a coding assistant that helps you code faster, on any IDE offer smart completions and documentation. https://www.kite.com/get-kite/?utm_me... (disclaimer, affiliate link)