Detect Vulnerable Log4J Websites with CanaryTokens | HakByte
On this episode of HakByte, Alex Lynd demonstrates how to test if web applications are vulnerable to the Log4Shell exploit, using CanaryTokens.
Links:
Support the Show! Buy a WiFi Nugget here:
Alex’s Demo:
Kozmer’s Demo:
Alex’s Twitter:
Alex’s Website:
Alex’s GitHub:
Chapters:
00:00 Intro
00:15 What is Log4J?
00:23 What is Log4Shell?
00:58 CanaryTokens Tools You’ll Need
01:22 PCBWay Manufacturing Services
01:35 Register Log4Shell CanaryToken
03:05 Log4J Vulnerability Explained
03:42 Vulnerable WebApp Setup
06:05 User Agent Strings
08:05 Modifying the Browser User Agent
08:40 Testing the Log4Shell Vulnerability
09:34 CanaryTokens Log4Shell Monitor
10:48 Log4Shell String Explained
12:48 Outro
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Hak5 -- Cyber Security Education, Inspiration, News & Community since
2 views
0
0
2 months ago 00:20:06 1
Hundreds of houses are going underground! Footage of massive landslides in Taiwan
2 months ago 00:19:33 1
Sole US Navy Oiler in the Middle East - USNS Big Horn - Damaged | September 23, 2024
2 months ago 00:50:24 1
TROP D’HUMAINS SUR TERRE : LE PLAN DU FORUM ÉCONOMIQUE MONDIAL | GÉOPOLITIQUE PROFONDE
3 months ago 00:43:39 1
LA FRANCE EST-ELLE AU COEUR DES SCANDALES PÉDOCRIMINELS ? | SADOK MACHADO | GÉOPOLITIQUE PROFONDE
5 months ago 00:16:31 1
BUSTING some packaging format MYTHS! App verification, sandbox, package maintainers...
5 months ago 00:15:21 1
A First Look At Parrot 6.1 Home Edition
5 months ago 00:16:39 1
Click with Caution: The Moniker Link Vulnerability (CVE-2024-21413) Exposed | Threat Snapshot
6 months ago 01:25:28 1
Catching The Serial Killer That Targeted The LGBTQ+ Community | A Killers Mistake | @RealCrime