For this assignment you will exploit a real world vulnerability: Log4Shell.
This will be a capture-the-flag style project where you will exploit a web application with a vulnerable version of log4j. A correct solution will output a ‘flag’ or ‘key’. There are 7 tasks to complete for 7 total flags. 6 required and 1 extra credit for a possible total of 102%. You will submit these flags in json format to Gradescope for grading in a file named project_log4shell.json.
There is a template in the /home/log4j/Desktop/log4shell folder of the VM: project_log4shell.json. Copy this file and fill out the appropriate values for the flags found. Submit this file to Gradescope for immediate feedback with the autograder. Your grade will be reflected here in Canvas after the assignment has closed.
Virtual Machine Access:
Download the VM from the provided link: CS6035-Fall-2024-RC2.ova.
Ensure you have VirtualBox 7.0.18 or higher installed.
The VM username and password is log4j andDan_Auerbach
Important - Read this before proceeding
These instructions reflect a task our writers previously completed for another student. Should you require assistance with the same assignment, please submit your homework details to our writers’ platform. This will ensure you receive an original paper, you can submit as your own. For further guidance, visit our ‘How It Works’ page.