XXX4Fans
LiveOverflow from patreon
LiveOverflow

patreon


Log4j Lookups in Depth // Log4Shell CVE-2021-44228

In this video we dig a layer deeper into Log4j. We get a quick overview how Log4j is parsing lookup strings and find the functions used in WAF bypasses. Then we bridge the gap to format string vulnerabilities and figure out why the noLookups mitigation has flaws.

Log4j Lookups in Depth // Log4Shell CVE-2021-44228

Related Creators