/CVE-2021-44228-Test-Server

A small server for verifing if a given java program is succeptibel to CVE-2021-44228

Primary LanguageGo

CVE-2021-44228-Test-Server

A small server for verifing if a given java program is succeptibel to CVE-2021-44228

Usage

Build the program using go build -o listener.exe. This should give you a small executable for your platform. Use the Go cross compile feature if you need the executable for another platform.

Once you have the executable you can run it using:

$ listener

By default the program listens on port 4568, but that can be changes by passing in a -port argument to the executable.

Once the executable is running make the problematic program log ${jndi:ldap://127.0.0.1:4568/a}. The running application should log every time a request comes in, so you can see if it fits with your expectations.