log4j2-rce-poc
DogWalk-rce-poc
| log4j2-rce-poc | DogWalk-rce-poc | |
|---|---|---|
| 1 | 2 | |
| 3 | 79 | |
| - | - | |
| 4.1 | 0.0 | |
| over 2 years ago | almost 2 years ago | |
| Kotlin | Perl | |
| - | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
log4j2-rce-poc
-
Log4J - Have your customer been breached? What have you seen if anything?
However, when using JNDI lookups, if you return properly formatted JNDI data (from a malicious server) then Java will execute that code. You can see this in PoC code: https://github.com/unlimitedsola/log4j2-rce-poc/blob/master/payload-server/src/main/kotlin/Main.kt
DogWalk-rce-poc
What are some alternatives?
Log4j-RCE-Scanner - Remote command execution vulnerability scanner for Log4j.
PoC-CVE-2022-30190 - POC CVE-2022-30190 : CVE 0-day MS Offic RCE aka msdt follina
fuelcms-rce - Fuel CMS 1.4 - Remote Code Execution
log4shell - Operational information regarding the log4shell vulnerabilities in the Log4j logging library.
CVE-2022-26134 - CVE-2022-26134 - Atlassian Confluence unauthenticated OGNL injection vulnerability (RCE).
CVE-2021-44228_scanner - Scanners for Jar files that may be vulnerable to CVE-2021-44228
pwn_jenkins - Notes about attacking Jenkins servers
Gopherus - This tool generates gopher link for exploiting SSRF and gaining RCE in various servers
evilgrade - Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates.