# log4j2漏洞原理简单学习

## 漏洞复现

### 1.新建Maven项目，导入依赖

  1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47   4.0.0 org.example MavenTest1 1.0-SNAPSHOT org.apache.maven.plugins maven-compiler-plugin 17 17 --add-exports=jdk.naming.rmi/com.sun.jndi.rmi.registry=ALL-UNNAMED org.apache.logging.log4j log4j-api 2.14.0 org.apache.logging.log4j log4j-core 2.14.0 11 11 

  1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46   %d{yyyy-MM-dd HH:mm:ss,SSS} %5p %c{1}:%L - %m%n /data/logs/dust-server ${pattern}${pattern}