diff --git a/README.md b/README.md index 000e340..a79966c 100644 --- a/README.md +++ b/README.md @@ -10,13 +10,13 @@ It uses Log4j 2.14.1 (through `spring-boot-starter-log4j2` 2.6.1) and the JDK 1. Run it: -``` +```bash docker run -p 8080:8080 ghcr.io/christophetd/log4shell-vulnerable-app ``` Build it yourself (you don't need any Java-related tooling): -``` +```bash docker build . -t vulnerable-app docker run -p 8080:8080 vulnerable-app ``` @@ -25,7 +25,7 @@ docker run -p 8080:8080 vulnerable-app You can confirm the application is vulnerable by running: -``` +```bash curl 127.0.0.1:8080 -H 'X-Api-Version: ${jndi:ldap://127.0.0.1/a}' ```