Log4j-RCE-Scanner
log4j2-rce-poc
Log4j-RCE-Scanner | log4j2-rce-poc | |
---|---|---|
1 | 1 | |
255 | 3 | |
- | - | |
3.8 | 4.1 | |
9 months ago | over 2 years ago | |
Shell | Kotlin | |
GNU General Public License v3.0 only | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Log4j-RCE-Scanner
log4j2-rce-poc
-
Log4J - Have your customer been breached? What have you seen if anything?
However, when using JNDI lookups, if you return properly formatted JNDI data (from a malicious server) then Java will execute that code. You can see this in PoC code: https://github.com/unlimitedsola/log4j2-rce-poc/blob/master/payload-server/src/main/kotlin/Main.kt
What are some alternatives?
log4jpwn - log4j rce test environment and poc
DogWalk-rce-poc - š¾Dogwalk PoC (using diagcab file to obtain RCE on windows)
LogMePwn - A fully automated, reliable, super-fast, mass scanning and validation toolkit for the Log4J RCE CVE-2021-44228 vulnerability.
fuelcms-rce - Fuel CMS 1.4 - Remote Code Execution
log4j-scan-turbo - Multithreaded log4j vulnerability scanner using only bash! Tests all JNDI protocols, HTTP GET/POST, and 84 headers.
log4shell - Operational information regarding the log4shell vulnerabilities in the Log4j logging library.
log4j-scan - A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228
CVE-2021-44228_scanner - Scanners for Jar files that may be vulnerable to CVE-2021-44228
log4shell-vulnerable-app - Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228).
canarytokens - Canarytokens helps track activity and actions on your network.
log4j-finder - Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228, CVE-2021-45046, CVE-2021-45105)
log4jshield - Log4j Shield - fast ā”, scalable and easy to use Log4j vulnerability CVE-2021-44228 finder and patcher