Closed stickybit001 closed 1 year ago
stickybit001
commented
1 year ago additional information about the target :
solr apache 8.3.0 with OpenJDK 64-Bit Server VM 11.0.7+10-post-Ubuntu-3ubuntu1 -Dlog4j.configurationFile=file:/var/solr/log4j2.xml
I have tried different java version in my machine mentionned in issue #28, no luck in exploitation Am i falling in the rabbit hole or should I try something else ?
mbechler
commented
1 year ago The warning is completetly unrelated. What counts is the Java version on the target, which is (way) too new for this generic exploit vector to work. Have a look at https://github.com/veracode-research/rogue-jndi which has some environment specific ones, however, not sure whether these apply to the solr server environment
stickybit001
commented
1 year ago Down to a rabbit hole thanks for the reply
Hi i have found the same issue as the earlier tickets before it is closed
I want to know why this warning is shown