Y

YouLibs

Remove Touch Overlay

Log4j Lookups in Depth // Log4Shell CVE-2021-44228 - Part 2

Duration: 16:07Views: 60.2KLikes: 3KDate Created: Dec, 2021

Channel: LiveOverflow

Category: Education

Tags: minecraftliveoverflowloggerupdateintellijblogladpslog4shell demojava deserializationexploit walkthroughrmilive overflowhacking tutorialremote class loadingjavacveldap${java:ldap://liveoverflow.com}in-depthserialisationdebuggingenterprise javalog4jjvmlog4shellupgrademavenexploit democve-2021-44228java loggingvulnerabilitylog4j rceobject serializationinternalshow to hackexploit tutorialwriteupjndiwalkthroughldap serverzero day

Description: In this video we dig a layer deeper into Log4j. We get a quick overview how Log4j is parsing lookup strings and find the functions used in WAF bypasses. Then we bridge the gap to format string vulnerabilities and figure out why the noLookups mitigation has flaws. Part 1 - Hackers vs. Developers // CVE-2021-44228 Log4Shell: youtube.com/watch?v=w2F67LbEtnk My lamest GitHub repo ever: github.com/LiveOverflow/log4shell -- 00:00 - Intro 00:38 - Chapter #1: Log4j Lookups in Depth Debugging 03:50 - Log Layout Formatters 06:56 - Chapter #2: Secure Software Design 09:21 - Chapter #3: Format String Vulnerabilities 13:58 - Chapter #4: noLookups Mitigation 15:15 - Final Worlds 15:42 - Outro -=[ โค๏ธ Support ]=- โ†’ per Video: patreon.com/join/liveoverflow โ†’ per Month: youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join -=[ ๐Ÿ• Social ]=- โ†’ Twitter: twitter.com/LiveOverflow โ†’ Instagram: instagram.com/LiveOverflow โ†’ Blog: liveoverflow.com โ†’ Subreddit: reddit.com/r/LiveOverflow โ†’ Facebook: facebook.com/LiveOverflow

Swipe Gestures On Overlay
Home
Channels
All Videos
Categories
Tags
Related
Infinite Masonry

Related

Sorts:
โ–ผ
Filters:
CategoryChannelDate CreatedDurationLikesPopularityTagsTitleViews
โ–ผ
1-10mins10-30mins30mins+past weekpast monthpast year2021-20242015-2020
  • The Controversial History of 2b2t's Queue SystemFitMC11:52Jan, 2022958.6Kbackgroundvideo thumbnail for: The Controversial History of 2b2t's Queue System
  • We Played Minecraft With Ninja on 2b2tFitMC14:08Jan, 2022844.9Kbackgroundvideo thumbnail for: We Played Minecraft With Ninja on 2b2t
  • The Scariest Week in Minecraft HistoryFitMC09:48Dec, 20211.7Mbackgroundvideo thumbnail for: The Scariest Week in Minecraft History
  • INSANE New Minecraft Builds 1.17 Caves & Cliffs Update!Jeracraft12:17Jan, 20211.9Mbackgroundvideo thumbnail for: INSANE New Minecraft Builds 1.17 Caves & Cliffs Update!
  • Let's Make Chess in Java!TheHappieCat15:23Aug, 2015536.2Kbackgroundvideo thumbnail for: Let's Make Chess in Java!
  • The Rise and Fall of JavaThe Science Elf10:38Jul, 2018970.6Kbackgroundvideo thumbnail for: The Rise and Fall of Java
  • Minecraft 1.19 Deep Dark Experimental Snapshot 1 - Its All Here!xisumavoid17:47Feb, 20221.1Mbackgroundvideo thumbnail for: Minecraft 1.19 Deep Dark Experimental Snapshot 1 - Its All Here!
  • Everything You Need To Know About RAVAGERS In Minecraft!Cubey08:34Jul, 20192.2Mbackgroundvideo thumbnail for: Everything You Need To Know About RAVAGERS In Minecraft!
  • Everything You Need To Know About DROWNED In Minecraft!Cubey05:33Mar, 20191.4Mbackgroundvideo thumbnail for: Everything You Need To Know About DROWNED In Minecraft!
  • 10 ITEMS YOU NEED for Minecraft's Update Aquatic!Cubey06:41Nov, 20181.1Mbackgroundvideo thumbnail for: 10 ITEMS YOU NEED for Minecraft's Update Aquatic!
    • Items shown
    to: 10
    of:999
    โ€น123...100โ€บ