Overview

The Log4j / Log4Shell vulnerability broke just as Holiday Hack was coming online, and Counter Hack didn’t want to wait 360 days to showcase it. They added two Cranberry Pi terminals, right at the North Pole entrance, to show both the Blue and Red sides of Log4j exploitation.

Terminal - Bonus Blue Log4Jack

Challenge

Bow Ninecandle is late to KringleCon, but ready to talk about Log4Jack:

Well hello! I’m Bow Ninecandle!

Sorry I’m late to KringleCon; I got delayed by this other… thing.

Say, would you be interested in taking a look? We’re trying to defend the North Pole systems from the Yule Log4Jack vulnerability.

This terminal has everything you need to get going, and it’ll walk you through the process.

Go ahead and give it a try! No previous experience with Log4j required.

We’ll even supply a checker script in the terminal for vulnerable libraries that you could use in your own environment.

The talk Prof. Petabyte is giving will be helpful too!

Oh, and don’t worry if this doesn’t show up in your badge. This is just a fun extra!

Bow provides three hints as well:

  • Software by the Apache Foundation runs on devices all over the internet
  • Josh Wright’s simple checker script uses the power of regex to find vulnerable Log4j libraries!
  • Prof. Qwerty Petabyte is giving a lesson about Apache Log4j.

Solution

This is another terminal that’s more of a walkthrough than a challenge. I’ll solve it here with commentary:

Terminal - Bonus Red Log4Jack

Challenge

Icky McGoop is also ready to talk Log4Jack:

Hey, I’m Icky McGoop.

Late? What’s it to you? I got here when I got here.

So anyways, I thought you might be interested in this Yule Log4Jack. It’s all the rage lately.

Yule Log4Jack is in a ton of software - helps our big guy keep track of things.

It’s kind of like salt. It’s in WAY more things than you normally think about.

In fact, a vulnerable Solr instance is running in an internal North Pole system, accessible in this terminal.

Anyways, why don’t you see if you can get to the yule.log file in this system?

Icky also provides two hints:

Solution

Much like the blue exercise, this is more of a walkthrough to solve based on the gist. I’ll show it here: