So it turns out a lot of the original patches put in place to stop this exploit are not effective. Even if servers say they have been patched they may in-fact still be vulnerable. "" “In our research, we have demonstrated that 2.15.0 can still allow for exfiltration of sensitive data in certain circumstances,” Praetorian researcher Nathan Sportsman wrote. “We have passed technical details of the issue to the Apache Foundation, but in the interim, we strongly recommend that customers upgrade to 2.16.0 as quickly as possible.” "" More info can be found here: arstechnica.com/information-technology/2021/12/patch-fixing-critical-log4j-0-day-has-its-own-vulnerability-thats-under-exploit
@@ETHANR26 I think I made it clear that people should be careful, and that there are still work arounds. though I do appreciate your feedback even if it isn't possitive.
@@KiLABGaming Always better to err on the side of caution. Giving people acces to running code on your pc is many levels above compiling a 'hack' client, and it is a very bad idea to give the illusion that this is 'already fixed', ESPECIALLY with the history of rats in the hack client history. Minecraft absolutely SHOULD NOT be played on ANY servers where you do not completely trust ALL other users, until this has been officially resolved {and not shown up again for at least several weeks} , and hack clients should not be used until there has been a look into the code by MULTIPLE SOURCES, not just because they say, 'oh we patched it'
kilab i just discovered your channel and this video and let me tell you, KEEP UP this amazing work. this editing and story telling is incredible and can get you far up on youtube. well done.
Great vid kilab thankyou for explaining the exploit you went into a lot of detail about it and I'm definitely not going to be playing mc for a while as I do know for sure there is currently a bypass as a couple of friends have told me
@@KiLABGaming yeah thats true there are two working bypasses that I know of one of my friends is still working out how they work and what we can do to protect ourselves
I think its great that you want to educate some people about the log4shell exploit. Make sure however that your information is correct. Log4Shell was not discovered on minecraft. People later discovered you could also use it on minecraft, which also had a massive effect on it.
Couldn’t you reverse engineer the exploit to hack anyone who makes your computer run something by Isengard their ip and the code that they make u run and potentially rat them.
So it turns out a lot of the original patches put in place to stop this exploit are not effective.
Even if servers say they have been patched they may in-fact still be vulnerable.
"" “In our research, we have demonstrated that 2.15.0 can still allow for exfiltration of sensitive data in certain circumstances,”
Praetorian researcher Nathan Sportsman wrote. “We have passed technical details of the issue to the Apache Foundation,
but in the interim, we strongly recommend that customers upgrade to 2.16.0 as quickly as possible.” ""
More info can be found here:
arstechnica.com/information-technology/2021/12/patch-fixing-critical-log4j-0-day-has-its-own-vulnerability-thats-under-exploit
Almost first
yeah this video should be taken down.. you can't be telling people it is patched when no one knows
@@ETHANR26 I think I made it clear that people should be careful, and that there are still work arounds. though I do appreciate your feedback even if it isn't possitive.
@@KiLABGaming Always better to err on the side of caution. Giving people acces to running code on your pc is many levels above compiling a 'hack' client, and it is a very bad idea to give the illusion that this is 'already fixed', ESPECIALLY with the history of rats in the hack client history.
Minecraft absolutely SHOULD NOT be played on ANY servers where you do not completely trust ALL other users, until this has been officially resolved {and not shown up again for at least several weeks} , and hack clients should not be used until there has been a look into the code by MULTIPLE SOURCES, not just because they say, 'oh we patched it'
@@ETHANR26 I agree with you and that is basically what I said in the video.
Interesting, your video edits are getting better and better :D
Great video
Thank you that is very kind :o
i was waiting for it. pretty good explanation.
sorry it took so long :o
Awesome video! Loved every second of it.
Absolute legend, thanks for all of the help 🙏
hi Krazzzzy
Monki
hi krazzzzy
Hai 👋
great vid kilab! so well made
Thank you :D
Dude this is so high quality , such a great edition !!
Thank you!!!
First again pog. Thanks for the information. This is very important thanks!
Legend
Thanks for informing us about this vulnerability. Also, great vid! Keep it up!
No problem!
Thanks for the kind comment :D
ayo here from my mums acc again
i subbed from my mums acc
lol
Ayyy thanks for the support!
Damn! Great video! Thank you for alterting other people of this
Thank you!
Cool video as always kilab
🙏
kilab i just discovered your channel and this video and let me tell you, KEEP UP this amazing work. this editing and story telling is incredible and can get you far up on youtube. well done.
Yo thank you so much, I can't tell you how much I appreciate your comment :D
Great vid kilab thankyou for explaining the exploit you went into a lot of detail about it and I'm definitely not going to be playing mc for a while as I do know for sure there is currently a bypass as a couple of friends have told me
Thank you!
Yeah, better safe than sorry...
@@KiLABGaming yeah thats true there are two working bypasses that I know of one of my friends is still working out how they work and what we can do to protect ourselves
@@Wp-jv5ed Scary
Wow That intro is sick!
Ay thank you
Can you pls make a cco vid on mahanware
As soon as i heard about it i wondered: "when is kilab going to make a vid on this?"
Ayyyyy hahahah
His teaching level is so high that I thot that this is next disaster after covid XD
xD
@@KiLABGaming can you be my maths and physics teacher xD
@@linux-guy9596 Hahahha best comment yet!
Well done great video
Can we have the source code of krazzy's proof of concept jar? Also rip hub he didn't get credited
I think its great that you want to educate some people about the log4shell exploit. Make sure however that your information is correct. Log4Shell was not discovered on minecraft. People later discovered you could also use it on minecraft, which also had a massive effect on it.
Kilab make based video
Thank you
Couldn’t you reverse engineer the exploit to hack anyone who makes your computer run something by Isengard their ip and the code that they make u run and potentially rat them.
Video great but you are late.
Please don't mind no hate
Good things take time 😛
KiLAB, can log4j infect macOS? I would appreciate it if I could know
Yes, any system running vulnerable versions of java
@@KiLABGaming ty!
@@f4lcxn np :D
@@KiLABGaming :D
Nice editing skills
Thank you
nice video
Thanks!
Do you play on 0b0t?
not much
It's just a game lmao people take this so seriously
yeah xD
Bro are you on something, its more than just minecraft
@@lukron5559 True
I know I'm safe cuz
1) I didn't play Minecraft during that time
2) I always play singleplayer because I have no friends
Nice!
Is there anyway to safely play 2b2t at the moment?
Is Minecraft Java edition ok to play it now
Yes and no, there are a few bypasses on some servers
Personally I am staying away until I am 100% sure it has been patched
Ok thanks
Just let me know if it’s patch
please give me the song from chapter one ty
I will look for it :o
Can't remember its name now
3d hi kilab
Hello
nice vid
Thank you!
When can I play Minecraft Java edition
This is crazy damn
yey new vid
:D
Wow
:o
10/10 content
Ayyy shot bro
Nearly first
xD
Got covid :(
@@Truthun1versity hope u get well
Im not infected
you were late to the party like the rest
good things take time :o
Could have been faster if I did youtube full time xD
@@KiLABGaming yep XD
10th like
Legend!
Honestly
So cool
Thank you
dislike
Bruh why so salty :|