Log4j Vulnerability Lab: Emulation and Detection
In this lab, you will set up and emulate the Log4Shell exploit against vulnerable applications. When you're finished, you'll have a better understanding of how the exploit works and how to detect it.
Challenge
Getting Started in the Lab Environment
Here are the initial instructions and explanation of the lab environment. Read this while your environment is busy creating itself from nothing. Yes, this violates physics; we know. How fun!
Challenge
Setup Network Detections
In this challenge, you will set up Suricata and tcpdump for network analysis and detection. You will also test the vulnerable application that will be running on the defender's endpoint.
Challenge
Setup Malicious LDAP Server and POC
This challenge will have you testing a Proof of Concept (POC) exploit against a vulnerable application.
Challenge
Upgrade to a Reverse Shell
Here you will be upgrading the previous payload to establish a reverse shell and sending commands to the exploited application.
Challenge
Analysis and Detection
In this challenge, you will dive into analyzing Suricata logs and network traffic based on the previous activity that you generated.
Challenge
The Last Challenge
The last challenge of this lab and your last chance to experience the environment before clicking Next and ending this small little world that flittered into existence just for you.
Provided environment for hands-on practice
We will provide the credentials and environment necessary for you to practice right within your browser.
Guided walkthrough
Follow along with the author’s guided walkthrough and build something new in your provided environment!
Recommended prerequisites
- Basic Linux CLI
- Basic understanding of hacking techniques
- Basic understanding of Blue Team operations