@LiveOverflow
@LiveOverflow
LiveOverflow | Log4j Lookups in Depth // Log4Shell CVE-2021-44228 - Part 2 @LiveOverflow | Uploaded 2 years ago | Updated 1 hour ago
In this video we dig a layer deeper into Log4j. We get a quick overview how Log4j is parsing lookup strings and find the functions used in WAF bypasses. Then we bridge the gap to format string vulnerabilities and figure out why the noLookups mitigation has flaws.

Part 1 - Hackers vs. Developers // CVE-2021-44228 Log4Shell: youtube.com/watch?v=w2F67LbEtnk

My lamest GitHub repo ever: github.com/LiveOverflow/log4shell

--

00:00 - Intro
00:38 - Chapter #1: Log4j Lookups in Depth Debugging
03:50 - Log Layout Formatters
06:56 - Chapter #2: Secure Software Design
09:21 - Chapter #3: Format String Vulnerabilities
13:58 - Chapter #4: noLookups Mitigation
15:15 - Final Worlds
15:42 - Outro

-=[ ❀️ Support ]=-

β†’ per Video: patreon.com/join/liveoverflow
β†’ per Month: youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join

-=[ πŸ• Social ]=-

β†’ Twitter: twitter.com/LiveOverflow
β†’ Instagram: instagram.com/LiveOverflow
β†’ Blog: liveoverflow.com
β†’ Subreddit: reddit.com/r/LiveOverflow
β†’ Facebook: facebook.com/LiveOverflow
Log4j Lookups in Depth // Log4Shell CVE-2021-44228 - Part 2Self-aware Video: it knows its own YouTube Video ID?Flying Without ElytraCyber Security Challenge Germany (2023)How Do Linux Kernel Drivers Work? - Learning ResourceVLC Kill Bill: Easter Egg Reverse EngineeringWe are Organizing a CTF! - CSCG AnnouncementThe End Of Haxember - See You In 2020!Fuzzing Java to Find Log4j Vulnerability - CVE-2021-45046A Vulnerability to Hack The World - CVE-2023-4863Understand Security Risk vs. Security Vulnerability!Trying to Find a Bug in WordPress

Log4j Lookups in Depth // Log4Shell CVE-2021-44228 - Part 2 @LiveOverflow

SHARE TO X SHARE TO REDDIT SHARE TO FACEBOOK WALLPAPER