動画検索
関連広告
検索結果
Introduction to Log4j CVE-2021-44228 Vulnerability
Connecting to the TryHackMe Room from Kali
Reconnaissance - Use NMAP
Discovery - Explore the Apache Solr application
Proof of Concept - Checking if the log4j is exploitable.
Exploitation - Getting a Reverse Shell.
Persistance - Get a SSH shell for permenrnant access
Detection - How to detect log4 is existent in your environment
Bypasses - How attackers bypass detections to deliver log4j exploits
MItigation - How to apply a workaround to protect Apache solar from log4j
Patching
Intro
BugBounty Public Service Announcement
Chapter #1: Log4j 2
Log4j Lookups
Chapter #2: JNDI
JNDI vs. Log4j
Chapter #3: Log4Shell Timeline
Developer Experiences Unexpected Lookups
The Discovery of Log4Shell in 2021
Chapter #4: The 2016 JNDI Security Research
Java Serialized Object Features
Why Was The Security Research Ignored?
Chapter #5: Security Research vs. Software Engineering
Final Words and Outlook to Part 2
Outro
Intro
What do we know about the log4j vulnerability?
What do we know about this vulnerability?
Was Checkpoint Infrastructure and Products affected from this attack?
How has Checkpoint secured their products?
Protecting Workloads
Checkpoint NDR
How to be prepared for similar attacks in the future?
Prevention
Conclusion