From 539fe86665726848c0cc51a36bbcacb2e8f0a85d Mon Sep 17 00:00:00 2001 From: Henry Post Date: Mon, 13 Dec 2021 18:01:32 -0500 Subject: [PATCH] how to run without docker --- README.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/README.md b/README.md index 1784857..08402ca 100644 --- a/README.md +++ b/README.md @@ -21,6 +21,16 @@ docker build . -t vulnerable-app docker run -p 8080:8080 --name vulnerable-app vulnerable-app ``` +### Without docker + + gradle clean bootJar --no-daemon + java -jar ./build/libs/log4shell-vulnerable-app-0.0.1-SNAPSHOT.jar + +And to send the exploit: + + curl 127.0.0.1:8080 -H 'X-Api-Version: ' + + ## Exploitation steps *Note: This is highly inspired from the original [LunaSec advisory](https://www.lunasec.io/docs/blog/log4j-zero-day/). **Run at your own risk, preferably in a VM in a sandbox environment**.*
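Review bot: the curl line added under "And to send the exploit:" has an empty header value (`-H 'X-Api-Version: '`), so the documented command carries nothing in that header and does not match the sentence that introduces it. If the value is left out on purpose, say so and point the reader to the "Exploitation steps" section that follows; otherwise use a clearly named placeholder instead of a blank. The new "Without docker" section also runs the jar directly on the host, while the "Run at your own risk, preferably in a VM in a sandbox environment" note only appears afterwards under "Exploitation steps". Consider repeating that caution inside this section, since the container boundary is gone, and state which JDK and Gradle versions `gradle clean bootJar --no-daemon` expects. Minor: the hunk adds two blank lines before `## Exploitation steps` where one is enough.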