-
Apache Log4j 2
Apache Log4j 2 is a versatile, feature-rich, efficient logging API and backend for Java.
-
ThreatMapper
Open source cloud native security observability platform. Linux, K8s, AWS Fargate and more.
-
Log4JShell-Bytecode-Detector
Local Bytecode Scanner for the Log4JShell Vulnerability (CVE-2021-44228)
Dig the commit back up: https://github.com/YfryTchsGD/Log4jAttackSurface/tree/31571e29052b91fb64b54fdb7085b45f9a31de3b
There is a new semgrep rule to find potential injection points in the source code: https://github.com/returntocorp/semgrep-rules/pull/1650/commits
I've put detection for this into ActiveScan++: https://github.com/PortSwigger/active-scan-plus-plus/commit/b485a0744140533d877ce244603502b42f9c6656
This conversation on the Apache GitHub (based on the research of ceki, who is apparently the mind behind log4j 1.x) would seem to indicate otherwise. Log4j 1.x does not have a lookup mechanism and JMS Appender (which does the lookup for Log4j 1.x) does not have this vulnerability.
I published some code with detailed reproduction steps: https://github.com/udoless/apache-log4j-rce-poc
Proof of Concept
For example, search for the vulnerable files: https://github.com/mubix/CVE-2021-44228-Log4Shell-Hashes
All of us are scrambling to upgrade to 2. This OSS tool can help prioritise attack paths using runtime context. We had a potential exposure due to Elasticsearch, found out and patched. https://github.com/deepfence/ThreatMapper
u/sanitybit My colleagues have written a detector for the vulnerability: https://github.com/CodeShield-Security/Log4JShell-Bytecode-Detector