CVE info at mitre.org: CVE-2021-44228
Github Trending is full of repos related to this issue this week
- fullhunt/log4j-scan
- logpresso/CVE-2021-44228-Scanner
- NCSC-NL/log4shell
- mergebase/log4j-detector
- kozmer/log4j-shell-poc
- hillu/local-log4j-vuln-scanner
- leonjza/log4jpwn
- alexandre-lavoie/python-log4rce
- cloudera/cloudera-scripts-for-log4j
- corretto/hotpatch-for-apache-log4j2
- Neo23x0/log4shell-detector
List of scanners in NCSC-NL/log4shell
List of vulnerable software in NCSC-NL/log4shell
cd /usr/local/bin
wget https://github.com/logpresso/CVE-2021-44228-Scanner/releases/download/v1.6.2/logpresso-log4j2-scan-1.6.2-linux.tar.gz
tar xzf logpresso-log4j2-scan-1.6.2-linux.tar.gz
log4j2-scan /opt/myapp
Logpresso CVE-2021-44228 Vulnerability Scanner 1.6.2 (2021-12-16)
Scanning directory: /opt/myapp
Scanned 55 directories and 555 files
Found 0 vulnerable files
Found 0 potentially vulnerable files
Found 0 mitigated files
Completed in 1.08 secondscd /usr/src
git clone https://github.com/fullhunt/log4j-scan.git
cd log4j-scan
pip3 install -r requirements.txt
python3 log4j-scan.py -u http://x.y.z.v:8080
[•] CVE-2021-44228 - Apache Log4j RCE Scanner
[•] Scanner provided by FullHunt.io - The Next-Gen Attack Surface Management Platform.
[•] Secure your External Attack Surface with FullHunt.io.
[•] Initiating DNS callback server (interact.sh).
[%] Checking for Log4j RCE CVE-2021-44228.
[•] URL: http://x.y.z.v:8080
[•] URL: http://x.y.z.v:8080 | PAYLOAD: ${jndi:ldap://x.y.z.v.987729xxxxx86sv343r.interact.sh/admm65j}
[•] Payloads sent to all URLs. Waiting for DNS OOB callbacks.
[•] Waiting...
[•] Targets does not seem to be vulnerable.