Company
Date Published
Author
John Graham-Cumming, Celso Martinho
Word count
1221
Language
English
Hacker News points
4

Summary

The blog post discusses evasion patterns and exfiltration attempts related to the CVE-2021-44228 vulnerability, also known as Log4Shell. It highlights that attackers initially used simple strings for exploitation but quickly switched to more complex methods to bypass Web Application Firewalls (WAFs). The post provides examples of evasion techniques and explains how the language used in Log4j allows for obscuring key strings. Additionally, it presents a chart showing the evolution of blocked attacks over time. The article emphasizes the importance of patching systems with up-to-date Log4j or applying mitigations to prevent exploitation.