Shulou(Shulou.com)06/01 Report--

This article mainly introduces the relevant knowledge of how to solve the log4j2 vulnerability of the SpringCloud project, the content is detailed and easy to understand, the operation is simple and fast, and it has a certain reference value. I believe you will gain something after reading this article on how to solve the log4j2 vulnerability of the SpringCloud project. Let's take a look.

The steps are as follows:

2.15.0

The following is the specific dependency of the corresponding version number above

Org.apache.logging.log4j log4j-api 2.15.0 org.apache.logging.log4j log4j-to-slf4j 2.15.0

Click the maven refresh button on the right after modification

How to verify whether the version number has been modified successfully, see the following figure

Temporary solution

Temporary mitigation measures (choose one, but note that only > = 2.10.0 version is available, this option is not supported in older versions)

-add-Dlog4j2.formatMsgNoLookups=true to the jvm parameter-set LOG4J_FORMAT_MSG_NO_LOOKUPS to true in the system environment variable-create a log4j2.component.properties file, and add configuration log4j2.formatMsgNoLookups=true to the file

Attacker troubleshooting

1. Attackers usually scan and detect dnslog before profit. For Changli, they can use the "javax.naming.CommunicationException:javax.naming.NamingException" in the error report of the system.

The keywords "problem generating object using object factory" and "Error looking up JNDI resource" are checked.

two。 Traffic troubleshooting: the word "jndi:ldap" may be found in the attacker's data packet. It is recommended that Qian Xinshen Station should have full traffic of secure cloud protection system or WAF devices for retrieval and troubleshooting.

3. Log check: it can make https://github.com/Neo23x0/log4shell-detector open source item, and WEB should be checked.

Mon 06 Mon 13 Mon 20 has completed ongoing Program I, Plan II, existing tasks Love is just a word I only say one word

The well-known Java log component Apache Log4j2 has been maxed out in the circle. It has been discovered with a 0 Day vulnerability, a Log4J2 vulnerability that allows hackers to remotely execute code (Remote Code Execution) via logging. As this log library is widely used, and this loophole is very easy to use, so the risk is also very serious, so people have to improve prevention. Even customers who don't understand the code come to ask if the system has this problem.

This is the end of the article on "how to solve the log4j2 loophole in the SpringCloud project". Thank you for reading! I believe that everyone has a certain understanding of the knowledge of "how to solve the log4j2 loophole in the SpringCloud project". If you want to learn more, you are welcome to follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.