Readme cosmetics

This commit is contained in:
Christophe Tafani-Dereeper 2021-12-10 13:51:56 +01:00
parent a230ccf303
commit 7a1af2424a
No known key found for this signature in database
GPG Key ID: 6F8E56891D02B6F7

View File

@ -10,13 +10,13 @@ It uses Log4j 2.14.1 (through `spring-boot-starter-log4j2` 2.6.1) and the JDK 1.
Run it: Run it:
``` ```bash
docker run -p 8080:8080 ghcr.io/christophetd/log4shell-vulnerable-app docker run -p 8080:8080 ghcr.io/christophetd/log4shell-vulnerable-app
``` ```
Build it yourself (you don't need any Java-related tooling): Build it yourself (you don't need any Java-related tooling):
``` ```bash
docker build . -t vulnerable-app docker build . -t vulnerable-app
docker run -p 8080:8080 vulnerable-app docker run -p 8080:8080 vulnerable-app
``` ```
@ -25,7 +25,7 @@ docker run -p 8080:8080 vulnerable-app
You can confirm the application is vulnerable by running: You can confirm the application is vulnerable by running:
``` ```bash
curl 127.0.0.1:8080 -H 'X-Api-Version: ${jndi:ldap://127.0.0.1/a}' curl 127.0.0.1:8080 -H 'X-Api-Version: ${jndi:ldap://127.0.0.1/a}'
``` ```