The Log4j Vulnerability: Patching and Mitigation

  • Published on 19 Dec 2024

Comments • 19

  • @samirshaikh6494 3 years ago

    Thank you Motasem for making an informative video. This channel is so underrated. It needs more subscribers and viewers.

  • @drakezen 3 years ago

    My understanding is that the version 2.16 is not sufficient as a solution as it allows for denial of service attacks, so 2.17 is the current recommendation. This video is very well explained and helpful, thanks!

    • @MotasemHamdan 3 years ago +1

      Yes, exactly, that was after I published the video :)

    • @drakezen 3 years ago

      @MotasemHamdan and after I wrote that I heard that 2.17 has issues too. We have to wait for 2.18!

  • @louis417asdo 2 years ago

    Hi, I am new here. I have read your comment below but don't understand: what do you mean by no delete but just copy and replace?
    Say the application is currently using the 2.14 core, and I copy the 2.17.1 core into the same folder, but don't delete the 2.14 core and keep it there? And is there any configuration we need to adjust after replacing the .jar files?

    • @MotasemHamdan 2 years ago

      Just replace old files with new ones :)

  • @jayrawani 2 years ago

    Hi, can you please provide a note on updating from 2.11.1 to 2.17.0 log4j for Linux Elasticsearch?

  • @private9281 3 years ago

    How do we replace those files with the new files if we have downloaded them on the same server?
    Can we do it at once?

    • @MotasemHamdan 3 years ago +2

      You can use 'cp' for this purpose. Say you want to replace the old 'jar' files with new ones, you can use the command below:
      cp /directory/*.jar /old-jar/

    • @networktopics4630 3 years ago

      @MotasemHamdan Should I delete the old files afterwards, or will they be disabled?

    • @MotasemHamdan 3 years ago +1

      @networktopics4630 No need to delete, just copy and replace.

    • @louis417asdo 2 years ago

      @MotasemHamdan Hi, I am new here. I don't understand: what do you mean by no delete but just copy and replace?
      Say the application is currently using the 2.14 core, and I copy the 2.17.1 core into the same folder, but don't delete the 2.14 core and keep it there? And is there any configuration we need to adjust after replacing the .jar files?
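
Log4j jars carry their version in the file name, so copying a newer jar next to an older one leaves both files on disk. As an added example (not from the video or the commenters), this POSIX shell script lists log4j-core jars under a directory whose file-name version is below a chosen minimum; the function names, the directory argument and the 2.17.1 default (the version named in the thread above) are assumptions.

```shell
#!/bin/sh
# Added example: report log4j-core jars older than a minimum version.
# Assumptions: jars keep the standard log4j-core-<version>.jar file name;
# the search directory and minimum version are supplied by the caller.

# version_lt A B: succeed when dotted version A is strictly lower than B.
# Compares the first three numeric fields; missing fields count as 0.
version_lt() {
    va="$1.0.0" vb="$2.0.0"
    for i in 1 2 3; do
        x=$(printf '%s\n' "$va" | cut -d. -f"$i")
        y=$(printf '%s\n' "$vb" | cut -d. -f"$i")
        [ "$x" -lt "$y" ] && return 0
        [ "$x" -gt "$y" ] && return 1
    done
    return 1
}

# stale_log4j_jars DIR [MIN]: print every log4j-core jar under DIR whose
# file-name version is below MIN (default 2.17.1, an assumed target).
stale_log4j_jars() {
    dir=$1
    min=${2:-2.17.1}
    find "$dir" -type f -name 'log4j-core-*.jar' | sort |
    while IFS= read -r jar; do
        ver=$(basename "$jar" .jar)
        ver=${ver#log4j-core-}   # drop the artifact name
        ver=${ver%%-*}           # drop suffixes such as -sources or -tests
        case $ver in
            ''|*[!0-9.]*|.*|*.|*..*) continue ;;   # not a plain dotted version
        esac
        if version_lt "$ver" "$min"; then
            printf '%s\n' "$jar"
        fi
    done
}

# Stand-alone use: sh find_stale_log4j.sh /opt/app 2.17.1
[ "$#" -eq 0 ] || stale_log4j_jars "$1" "${2:-2.17.1}"
```

The check reads file names only, so a log4j copy bundled inside another archive (a fat jar or WAR) is not reported.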

  • @UmairAli 3 years ago

    Thanks for uploading this, really informative. Just one question: I am very curious and interested to know more about this. If there's a possibility that you could guide me to where I could get the code of a web application that uses log4j's vulnerable version and the patched one, it would be great, because as a developer and pentester I would really want to inspect it for understanding purposes. And thanks again.

    • @MotasemHamdan 3 years ago +1

      Take Apache Struts and install log4j prior to 2.16.0.
      Patched version is 2.16.0

    • @UmairAli 3 years ago

      @MotasemHamdan Thanks ♥

  • @ramenpradhan2836 3 years ago

    Can you please provide the notes or please tell me how to get the notes?

    • @MotasemHamdan 3 years ago

      Hello Ramen, notes are part of the channel membership
      th-cam.com/channels/NSdU_1ehXtGclimTVckHmQ.htmljoin

  • @jvr8360 3 years ago

    thnx

  • @scramble111 1 year ago

    terrible