This project is a semi-automated homelab for exploiting the Log4Shell (CVE-2021-44228) vulnerability in Minecraft. This CTF-style lab has a flag file, ~/secrets.txt. The goal is to use the malicious LDAP server running on 172.30.1.5 to get remote code execution within the game and read the contents of the file.
Back in Dec 2021, when this exploit was taking off in the wild, I released a tutorial video on setting this up. Most of the manual steps in this video are covered by Vagrant shell provisioners.
- Install Virtualbox & Vagrant
```
vagrant plugin install vagrant-vbguest
vagrant up && vagrant reload
```
- Get ☕ and wait until provisioners are done, before interacting with the GUI
- Log in to the VM using the default Vagrant credentials
- Launch a terminal window and enter
```
minecraft-launcher
```
- Sign into a Mojang/Microsoft account before playing
- Install 1.12.2 launcher
- Select Multiplayer and direct connect to
- Run the exploit in the game
*Hint: This lab comes with feihong-cs/JNDIExploit; look at it to see how it's done.*
After getting the flag, you can view the services under the hood via SSH.
```
vagrant ssh
sudo su -
screen -ls
```
- The Minecraft server is the screen session named game; the malicious LDAP server is the one named killbox
- Detach from screen with Ctrl-a Ctrl-d
Get rid of the VM when you're done
```
vagrant destroy -f
```