{"id":477869,"date":"2023-08-09T09:21:36","date_gmt":"2023-08-09T09:21:36","guid":{"rendered":""},"modified":"2023-09-05T11:15:35","modified_gmt":"2023-09-05T11:15:35","slug":"log4shell","status":"publish","type":"wiki","link":"https:\/\/oneproxy.pro\/vn\/wiki\/log4shell\/","title":{"rendered":"Log4Shell"},"content":{"rendered":"

Log4Shell l\u00e0 m\u1ed9t l\u1ed7 h\u1ed5ng nghi\u00eam tr\u1ecdng xu\u1ea5t hi\u1ec7n v\u00e0o cu\u1ed1i n\u0103m 2021 v\u00e0 l\u00e0m rung chuy\u1ec3n b\u1ed1i c\u1ea3nh an ninh m\u1ea1ng. N\u00f3 khai th\u00e1c m\u1ed9t l\u1ed7 h\u1ed5ng trong th\u01b0 vi\u1ec7n ghi nh\u1eadt k\u00fd \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng r\u1ed9ng r\u00e3i, Apache Log4j v\u00e0 cho ph\u00e9p k\u1ebb t\u1ea5n c\u00f4ng th\u1ef1c thi m\u00e3 t\u1eeb xa tr\u00ean c\u00e1c h\u1ec7 th\u1ed1ng d\u1ec5 b\u1ecb t\u1ea5n c\u00f4ng. M\u1ee9c \u0111\u1ed9 nghi\u00eam tr\u1ecdng c\u1ee7a l\u1ed7 h\u1ed5ng n\u00e0y \u0111\u00e3 mang l\u1ea1i cho n\u00f3 x\u1ebfp h\u1ea1ng CVSS (H\u1ec7 th\u1ed1ng ch\u1ea5m \u0111i\u1ec3m l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt ph\u1ed5 bi\u1ebfn) \u201c10,0\u201d, \u0111i\u1ec3m cao nh\u1ea5t c\u00f3 th\u1ec3, cho th\u1ea5y kh\u1ea3 n\u0103ng g\u00e2y ra thi\u1ec7t h\u1ea1i tr\u00ean di\u1ec7n r\u1ed9ng v\u00e0 t\u00e0n kh\u1ed1c.<\/p>\n

L\u1ecbch s\u1eed ngu\u1ed3n g\u1ed1c c\u1ee7a Log4Shell v\u00e0 l\u1ea7n \u0111\u1ea7u ti\u00ean \u0111\u1ec1 c\u1eadp \u0111\u1ebfn n\u00f3.<\/h2>\n

Ngu\u1ed3n g\u1ed1c c\u1ee7a Log4Shell b\u1eaft ngu\u1ed3n t\u1eeb vi\u1ec7c t\u1ea1o ra Apache Log4j, m\u1ed9t khung ghi nh\u1eadt k\u00fd ngu\u1ed3n m\u1edf ph\u1ed5 bi\u1ebfn \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng trong nhi\u1ec1u \u1ee9ng d\u1ee5ng d\u1ef1a tr\u00ean Java kh\u00e1c nhau. V\u00e0o cu\u1ed1i n\u0103m 2021, c\u00e1c nh\u00e0 nghi\u00ean c\u1ee9u b\u1ea3o m\u1eadt \u0111\u00e3 ph\u00e1t hi\u1ec7n ra m\u1ed9t l\u1ed7 h\u1ed5ng nghi\u00eam tr\u1ecdng trong Log4j, cho ph\u00e9p k\u1ebb t\u1ea5n c\u00f4ng ti\u00eam m\u00e3 \u0111\u1ed9c v\u00e0o h\u1ec7 th\u1ed1ng th\u00f4ng qua c\u01a1 ch\u1ebf ghi nh\u1eadt k\u00fd. L\u1ea7n \u0111\u1ea7u ti\u00ean c\u00f4ng ch\u00fang \u0111\u1ec1 c\u1eadp \u0111\u1ebfn Log4Shell x\u1ea3y ra khi Trung t\u00e2m \u0110i\u1ec1u ph\u1ed1i CERT t\u1ea1i \u0110\u1ea1i h\u1ecdc Carnegie Mellon c\u00f4ng b\u1ed1 ghi ch\u00fa v\u1ec1 l\u1ed7 h\u1ed5ng (CVE-2021-44228) v\u00e0o ng\u00e0y 9 th\u00e1ng 12 n\u0103m 2021.<\/p>\n

Th\u00f4ng tin chi ti\u1ebft v\u1ec1 Log4Shell. M\u1edf r\u1ed9ng ch\u1ee7 \u0111\u1ec1 Log4Shell.<\/h2>\n

T\u00e1c \u0111\u1ed9ng c\u1ee7a Log4Shell v\u01b0\u1ee3t xa ch\u1ec9 Apache Log4j, v\u00ec nhi\u1ec1u \u1ee9ng d\u1ee5ng v\u00e0 s\u1ea3n ph\u1ea9m \u0111\u00e3 t\u00edch h\u1ee3p th\u01b0 vi\u1ec7n n\u00e0y, khi\u1ebfn ch\u00fang d\u1ec5 b\u1ecb t\u1ed5n th\u01b0\u01a1ng. L\u1ed7 h\u1ed5ng n\u1eb1m \u1edf c\u00e1ch Log4j x\u1eed l\u00fd c\u00e1c th\u00f4ng \u0111i\u1ec7p t\u01b0\u1eddng tr\u00ecnh bao g\u1ed3m d\u1eef li\u1ec7u do ng\u01b0\u1eddi d\u00f9ng cung c\u1ea5p, \u0111\u1eb7c bi\u1ec7t khi s\u1eed d\u1ee5ng t\u00ednh n\u0103ng \u201ctra c\u1ee9u\u201d \u0111\u1ec3 tham chi\u1ebfu c\u00e1c bi\u1ebfn m\u00f4i tr\u01b0\u1eddng.<\/p>\n

Khi m\u1ed9t t\u00e1c nh\u00e2n \u0111\u1ed9c h\u1ea1i t\u1ea1o ra m\u1ed9t th\u00f4ng \u0111i\u1ec7p t\u01b0\u1eddng tr\u00ecnh \u0111\u01b0\u1ee3c t\u1ea1o ra \u0111\u1eb7c bi\u1ec7t b\u1eb1ng c\u00e1ch tra c\u1ee9u b\u1ecb thao t\u00fang, n\u00f3 s\u1ebd k\u00edch ho\u1ea1t vi\u1ec7c th\u1ef1c thi m\u00e3 t\u1eeb xa. \u0110i\u1ec1u n\u00e0y g\u00e2y ra m\u1ed1i \u0111e d\u1ecda \u0111\u00e1ng k\u1ec3 v\u00ec k\u1ebb t\u1ea5n c\u00f4ng c\u00f3 th\u1ec3 khai th\u00e1c Log4Shell \u0111\u1ec3 truy c\u1eadp tr\u00e1i ph\u00e9p, \u0111\u00e1nh c\u1eafp d\u1eef li\u1ec7u nh\u1ea1y c\u1ea3m, l\u00e0m gi\u00e1n \u0111o\u1ea1n d\u1ecbch v\u1ee5 v\u00e0 th\u1eadm ch\u00ed chi\u1ebfm to\u00e0n quy\u1ec1n ki\u1ec3m so\u00e1t c\u00e1c h\u1ec7 th\u1ed1ng \u0111\u01b0\u1ee3c nh\u1eafm m\u1ee5c ti\u00eau.<\/p>\n

C\u1ea5u tr\u00fac b\u00ean trong c\u1ee7a Log4Shell. C\u00e1ch ho\u1ea1t \u0111\u1ed9ng c\u1ee7a Log4Shell.<\/h2>\n

Log4Shell khai th\u00e1c c\u01a1 ch\u1ebf \u201ctra c\u1ee9u\u201d Log4j b\u1eb1ng c\u00e1ch ch\u1ec9 \u0111\u1ecbnh \u1ee9ng d\u1ee5ng d\u1ec5 b\u1ecb t\u1ea5n c\u00f4ng l\u00e0m ngu\u1ed3n tra c\u1ee9u cho c\u00e1c bi\u1ebfn m\u00f4i tr\u01b0\u1eddng. Khi \u1ee9ng d\u1ee5ng nh\u1eadn \u0111\u01b0\u1ee3c th\u00f4ng b\u00e1o nh\u1eadt k\u00fd \u0111\u1ed9c h\u1ea1i, n\u00f3 s\u1ebd ph\u00e2n t\u00edch c\u00fa ph\u00e1p v\u00e0 c\u1ed1 g\u1eafng gi\u1ea3i quy\u1ebft c\u00e1c bi\u1ebfn m\u00f4i tr\u01b0\u1eddng \u0111\u01b0\u1ee3c tham chi\u1ebfu, v\u00f4 t\u00ecnh th\u1ef1c thi m\u00e3 c\u1ee7a k\u1ebb t\u1ea5n c\u00f4ng.<\/p>\n

\u0110\u1ec3 h\u00ecnh dung qu\u00e1 tr\u00ecnh c\u1ee7a Log4Shell, h\u00e3y xem x\u00e9t tr\u00ecnh t\u1ef1 sau:<\/p>\n

    \n
  1. K\u1ebb t\u1ea5n c\u00f4ng t\u1ea1o ra m\u1ed9t th\u00f4ng \u0111i\u1ec7p t\u01b0\u1eddng tr\u00ecnh \u0111\u1ed9c h\u1ea1i c\u00f3 ch\u1ee9a c\u00e1c tra c\u1ee9u b\u1ecb thao t\u00fang.<\/li>\n
  2. \u1ee8ng d\u1ee5ng d\u1ec5 b\u1ecb t\u1ea5n c\u00f4ng s\u1ebd ghi l\u1ea1i th\u00f4ng b\u00e1o b\u1eb1ng Log4j, k\u00edch ho\u1ea1t c\u01a1 ch\u1ebf tra c\u1ee9u.<\/li>\n
  3. Log4j c\u1ed1 g\u1eafng gi\u1ea3i quy\u1ebft vi\u1ec7c tra c\u1ee9u, th\u1ef1c thi m\u00e3 c\u1ee7a k\u1ebb t\u1ea5n c\u00f4ng.<\/li>\n
  4. Vi\u1ec7c th\u1ef1c thi m\u00e3 t\u1eeb xa x\u1ea3y ra, c\u1ea5p cho k\u1ebb t\u1ea5n c\u00f4ng quy\u1ec1n truy c\u1eadp tr\u00e1i ph\u00e9p.<\/li>\n<\/ol>\n

    Ph\u00e2n t\u00edch c\u00e1c t\u00ednh n\u0103ng ch\u00ednh c\u1ee7a Log4Shell.<\/h2>\n

    C\u00e1c t\u00ednh n\u0103ng ch\u00ednh c\u1ee7a Log4Shell khi\u1ebfn n\u00f3 tr\u1edf th\u00e0nh l\u1ed7 h\u1ed5ng c\u1ef1c k\u1ef3 nguy hi\u1ec3m bao g\u1ed3m:<\/p>\n

      \n
    1. \u0110i\u1ec3m CVSS cao<\/strong>: Log4Shell \u0111\u1ea1t \u0111\u01b0\u1ee3c \u0111i\u1ec3m CVSS l\u00e0 10,0, n\u00eau b\u1eadt m\u1ee9c \u0111\u1ed9 nghi\u00eam tr\u1ecdng v\u00e0 kh\u1ea3 n\u0103ng g\u00e2y s\u00e1t th\u01b0\u01a1ng tr\u00ean di\u1ec7n r\u1ed9ng c\u1ee7a n\u00f3.<\/li>\n
    2. T\u00e1c \u0111\u1ed9ng r\u1ed9ng r\u00e3i<\/strong>: Do s\u1ef1 ph\u1ed5 bi\u1ebfn c\u1ee7a Apache Log4j, h\u00e0ng tri\u1ec7u h\u1ec7 th\u1ed1ng tr\u00ean to\u00e0n c\u1ea7u tr\u1edf n\u00ean d\u1ec5 b\u1ecb t\u1ed5n th\u01b0\u01a1ng, bao g\u1ed3m m\u00e1y ch\u1ee7 web, \u1ee9ng d\u1ee5ng doanh nghi\u1ec7p, d\u1ecbch v\u1ee5 \u0111\u00e1m m\u00e2y, v.v.<\/li>\n
    3. Khai th\u00e1c nhanh<\/strong>: T\u1ed9i ph\u1ea1m m\u1ea1ng nhanh ch\u00f3ng th\u00edch nghi \u0111\u1ec3 khai th\u00e1c l\u1ed7 h\u1ed5ng, khi\u1ebfn c\u00e1c t\u1ed5 ch\u1ee9c ph\u1ea3i kh\u1ea9n c\u1ea5p v\u00e1 h\u1ec7 th\u1ed1ng c\u1ee7a m\u00ecnh k\u1ecbp th\u1eddi.<\/li>\n
    4. \u0110a n\u1ec1n t\u1ea3ng<\/strong>: Log4j l\u00e0 l\u1ed7 h\u1ed5ng \u0111a n\u1ec1n t\u1ea3ng, ngh\u0129a l\u00e0 l\u1ed7 h\u1ed5ng n\u00e0y \u1ea3nh h\u01b0\u1edfng \u0111\u1ebfn nhi\u1ec1u h\u1ec7 \u0111i\u1ec1u h\u00e0nh kh\u00e1c nhau, bao g\u1ed3m Windows, Linux v\u00e0 macOS.<\/li>\n
    5. V\u00e1 b\u1ecb tr\u00ec ho\u00e3n<\/strong>: M\u1ed9t s\u1ed1 t\u1ed5 ch\u1ee9c ph\u1ea3i \u0111\u1ed1i m\u1eb7t v\u1edbi nh\u1eefng th\u00e1ch th\u1ee9c trong vi\u1ec7c \u00e1p d\u1ee5ng k\u1ecbp th\u1eddi c\u00e1c b\u1ea3n v\u00e1, khi\u1ebfn h\u1ec7 th\u1ed1ng c\u1ee7a h\u1ecd b\u1ecb l\u1ed9 trong m\u1ed9t th\u1eddi gian d\u00e0i.<\/li>\n<\/ol>\n

      C\u00e1c lo\u1ea1i Log4Shell<\/h2>\n

      Log4Shell c\u00f3 th\u1ec3 \u0111\u01b0\u1ee3c ph\u00e2n lo\u1ea1i d\u1ef1a tr\u00ean lo\u1ea1i \u1ee9ng d\u1ee5ng v\u00e0 h\u1ec7 th\u1ed1ng m\u00e0 n\u00f3 t\u00e1c \u0111\u1ed9ng. C\u00e1c lo\u1ea1i ch\u00ednh bao g\u1ed3m:<\/p>\n\n\n\n\n\n\n\n\n
      Ki\u1ec3u<\/th>\nS\u1ef1 mi\u00eau t\u1ea3<\/th>\n<\/tr>\n<\/thead>\n
      M\u00e1y ch\u1ee7 web<\/td>\nC\u00e1c m\u00e1y ch\u1ee7 web d\u1ec5 b\u1ecb t\u1ea5n c\u00f4ng tr\u00ean Internet, cho ph\u00e9p th\u1ef1c thi m\u00e3 t\u1eeb xa.<\/td>\n<\/tr>\n
      \u1ee8ng d\u1ee5ng doanh nghi\u1ec7p<\/td>\nC\u00e1c \u1ee9ng d\u1ee5ng doanh nghi\u1ec7p d\u1ef1a tr\u00ean Java s\u1eed d\u1ee5ng Log4j v\u00e0 d\u1ec5 b\u1ecb khai th\u00e1c.<\/td>\n<\/tr>\n
      D\u1ecbch v\u1ee5 \u0111i\u1ec7n to\u00e1n \u0111\u00e1m m\u00e2y<\/td>\nN\u1ec1n t\u1ea3ng \u0111\u00e1m m\u00e2y ch\u1ea1y \u1ee9ng d\u1ee5ng Java v\u1edbi Log4j khi\u1ebfn ch\u00fang g\u1eb7p r\u1ee7i ro.<\/td>\n<\/tr>\n
      Thi\u1ebft b\u1ecb IoT<\/td>\nC\u00e1c thi\u1ebft b\u1ecb Internet of Things (IoT) s\u1eed d\u1ee5ng Log4j, c\u00f3 kh\u1ea3 n\u0103ng d\u1eabn \u0111\u1ebfn c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng t\u1eeb xa.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

      C\u00e1c c\u00e1ch s\u1eed d\u1ee5ng Log4Shell, c\u00e1c v\u1ea5n \u0111\u1ec1 v\u00e0 gi\u1ea3i ph\u00e1p li\u00ean quan \u0111\u1ebfn vi\u1ec7c s\u1eed d\u1ee5ng.<\/h2>\n

      C\u00e1c c\u00e1ch s\u1eed d\u1ee5ng Log4Shell:<\/strong><\/p>\n