Home Arsenal Exploits & 0days Log4Shell Exploit Kit (CVE-2021-44228)
Log4Shell Exploit Kit (CVE-2021-44228)
Versionv3.1
Difficulty Intermediate
Downloads470
Rating (0.00)
Updated2025-01-20
CategoryExploits & 0days

Log4Shell Exploit Kit (CVE-2021-44228)

$79.99

Log4Shell — CVE-2021-44228 Exploit Modular

Kit de explotación completo para la vulnerabilidad de JNDI injection en Apache Log4j 2.x (versiones < 2.17.1).

  • Servidor LDAP malicioso — Marshalsec-based LDAP server que sirve clases Java maliciosas al target.
  • HTTP callback server — Servidor HTTP que hostea el payload .class compilado.
  • Payloads multiplataforma — Reverse shells para Linux (bash, python, perl) y Windows (PowerShell, certutil chain).
  • Bypass de WAF — 15+ variantes de ofuscación del string JNDI: ${${lower:j}ndi:...}, ${${env:BARFOO:-j}ndi:...}, nested lookups.
  • Scanner de detección — Script que prueba 50+ injection points (headers, params, user-agent, referer) contra un target.

Requisitos: Java 8+ en atacante, target con Log4j 2.0-2.17.0.

Add to Cart Buy Now

Reviews (0)

No reviews yet. Be the first!

Related Tools

CVE-2024-6387 RegreSSHion PoC
Exploits & 0days

CVE-2024-6387 RegreSSHion PoC

$249.99
Apache Path Traversal Exploit (CVE-2021-41773)
Exploits & 0days

Apache Path Traversal Exploit (CVE-2021-41773)

$15.99
Spring4Shell RCE Exploit (CVE-2022-22965)
Exploits & 0days

Spring4Shell RCE Exploit (CVE-2022-22965)

$59.99
ProxyShell Exchange Exploit Chain
Exploits & 0days

ProxyShell Exchange Exploit Chain

$349.99