You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
we're sending through log4j-scan.py a custom dns callback host and we are not seeing anything being returned to the internal interact.sh server.
We cleared all network roadblocks internal, but the server hit, known to be vulnerable, just does DNS queries.
We dug into this and discovered that the server being hit is trying to find via DNS the beginning of the test, not the URL or IP of the callback host.
Example: DNS query on ${jnd:${upper.nsnew.test.com , or $jndi.nsnew.test.com
Basically it is looking for the beginning of the test for dns NOT the passed callback host.
Anyone have any ideas why this is happening ?
DNS resolves nsnew.test.com perfectly.
This happens if I pass the callback host as an IP, FQDN, or http://ip or http://fqdn
any thoughts ?
thanks
The text was updated successfully, but these errors were encountered:
we're sending through log4j-scan.py a custom dns callback host and we are not seeing anything being returned to the internal interact.sh server.
We cleared all network roadblocks internal, but the server hit, known to be vulnerable, just does DNS queries.
We dug into this and discovered that the server being hit is trying to find via DNS the beginning of the test, not the URL or IP of the callback host.
Example: DNS query on ${jnd:${upper.nsnew.test.com , or $jndi.nsnew.test.com
Basically it is looking for the beginning of the test for dns NOT the passed callback host.
Anyone have any ideas why this is happening ?
DNS resolves nsnew.test.com perfectly.
This happens if I pass the callback host as an IP, FQDN, or http://ip or http://fqdn
any thoughts ?
thanks
The text was updated successfully, but these errors were encountered: