Wonder what does an actual Log4J attack look like?
I wrote a breakdown of an attack performed on one of my systems.
Attackers shell scripts I was able to fetch are included in a detailed description of the whole process and tools used to perform the attack.
This is a single-user instance and the registration will never be open.
You can choose a public Mastodon instance here.
Feel free to send me a follow request once you've joined the Fediverse!