Walkthrough of the TryHackMe room Solar, using the latest log4j exploit (CVE-2021-44228) to obtain a reverse shell on a vulnerable host.
https://tryhackme.com/room/solar
Contents:
00:00 - [Introduction]
1:32 - [Reconnaissance]
2:16 - [Discovery]
4:50 - [Proof of Concept]
7:00 - [Exploitation]
12:18 - [Persistence]
13:52 - [Detection]
14:30 - [Bypasses]
14:50 - [Mitigation]
15:50 - [Patching]
16:25 - [Credits and Author's Notes]
