CVE-2021-44228 in Minecraft

Java 16
Paper server build #397
Minecraft 1.17.1

Exploitation

In Java 16 only deserialization attacks work by default using log4j. To exploit this there needs to be a vulnerable serializable class in the classpath. In the current state of this repository the server will only send a serialized string object. If you found a vulnerable serializable class feel free to create a pull request.

Name		Name	Last commit message	Last commit date
Latest commit History 2 Commits
.gradle		.gradle
.idea		.idea
build		build
gradle/wrapper		gradle/wrapper
src/main/java		src/main/java
README.md		README.md
build.gradle		build.gradle
gradlew		gradlew
gradlew.bat		gradlew.bat
settings.gradle		settings.gradle

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

CVE-2021-44228 in Minecraft

Exploitation

About

Releases

Packages

Languages

myyxl/cve-2021-44228-minecraft-poc

Folders and files

Latest commit

History

Repository files navigation

CVE-2021-44228 in Minecraft

Exploitation

About

Topics

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages