hotpatch-for-apache-log4j2
PowerShellSnippets
hotpatch-for-apache-log4j2 | PowerShellSnippets
---|---
10 | 8
497 | 55
0.0% | -
0.0 | 4.9
over 1 year ago | over 2 years ago
Java | PowerShell
GNU General Public License v3.0 or later | -
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
hotpatch-for-apache-log4j2
- Log4j vulnerability mitigation
- Amazon Linux Hotpatch for Apache Log4j Needs a Patch
- AWS injected bad code into customer run Java web apps
- AWS’s Hotpatch Agent for Log4j
- Log4Shell Remediation Cheat Sheet | Created by Java Champion and security researcher at Snyk
  For mitigation, there is also the option of last resort of hotpatching the JVM that was posted here a couple times: https://github.com/corretto/hotpatch-for-apache-log4j2
- A JavaAgent based hotpatch for fixing live JVMs with the log4shell vulnerability
- Hotpatch for Apache Log4j released
  Source Code - https://github.com/corretto/hotpatch-for-apache-log4j2
- corretto/hotpatch-for-apache-log4j2: An agent to hotpatch the log4j RCE from CVE-2021-44228, no JVM restarts needed. Patching > hotpatching > nothing.
- A Java based hotpatch for the Log4Shell vulnerability (log4j2 CVE)
PowerShellSnippets
- Script all database object to single file per object using dbatools
  So if for whatever reason you can't get the dba tools to work (it looks like there is a viable answer above), you can always use scripting options with the script method to script out database objects, via SMO. I have a sample script here which is a bit different from what you've asked for, but shows the fundamentals of what you might want to do.
- Log4j vulnerability mitigation
- In case anyone needs it, here's a quick and dirty powershell script to patch log4j to prevent log4shell (CVE-2021-44228)
  Not that messy! I added a link to this thread and direct to the github link from my README on my scanner utility repo. When I get a chance I may borrow this and update it to use the same remote methods I used in the last script, but read the file/computer list from my generated CSV - that way people can clean up the CSV for their particular targets, and push an update with this script. Nice work!
- The Log4j Vulnerability Explained : Detection and Exploitation | TryHackMe Log4j
- Log4j PDQ scan profile
  The issue with searching for log4j*.jar is that you miss out on bundled jars which have different filenames hashes. It might be a better approach to search for all jar files and look inside if there is a jndilookup.class mentioned. This might add some false positives - but this is imho better than false negatives. Here is a powershell script which implements that approach: https://github.com/omrsafetyo/PowerShellSnippets/blob/master/Invoke-Log4ShellScan.ps1
- Log4j 0day being exploited (mega thread/ overview)
- Log4Shell Scanner multi-server, massively parallel PowerShell
What are some alternatives?
CVE-2021-44228_scanner - Scanners for Jar files that may be vulnerable to CVE-2021-44228
CVE-2021-44228-Log4Shell-Hashes - Hashes for vulnerable LOG4J versions
hotpatch-for-apache-log4j2 - An agent to hotpatch the log4j RCE from CVE-2021-44228.
Logout4Shell - Use Log4Shell vulnerability to vaccinate a victim server against Log4Shell
Log4j-PoSH - Powershell tools for log4j vulnerability
log4shell-tool - Log4Shell Enumeration, Mitigation and Attack Detection Tool
incidentresponse
jmxfetch - Export JMX metrics
Apache Log4j 2 - Apache Log4j 2 is a versatile, feature-rich, efficient logging API and backend for Java.
log4j-detector - A public open sourced tool. Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too! TAG_OS_TOOL, OWNER_KELLY, DC_PUBLIC