CVSSv3: 7.5

CVE-2021-4428

Published: 18/07/2023 Updated: 11/04/2024
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 0

Vulnerability Summary

A vulnerability has been found in the what3words Autosuggest Plugin up to version 4.0.0 for WordPress and classified as problematic. Affected by this vulnerability is the function enqueue_scripts of the file w3w-autosuggest/public/class-w3w-autosuggest-public.php in the Setting Handler component. The manipulation leads to information disclosure. The attack can be launched remotely. Upgrading to version 4.0.1 addresses this issue. The patch is named dd59cbac5f86057d6a73b87007c08b8bfa0c32ac. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-234247.

Vulnerable Product

what3words autosuggest

GitHub Repositories

To determine if a host is vulnerable to log4j CVE-2021-44228

check-log4j: This tool will try to determine if the host it is running on is likely vulnerable to the latest reason that the internet is on fire: the log4j RCE CVE-2021-44228. This is different from other tools that attempt to verify whether a specific service is vulnerable by triggering the exploit and, e.g., tracking pingbacks on a DNS canary token. That approach tells you

CVE-2021-4428 Reproduction

CVE-2021-4428 Reproduction: This demo reproduces the critical Log4j2 RCE vulnerability CVE-2021-4428, with the aim of understanding how dangerous the vulnerability is and building targeted defenses according to the situation of your own system. Warning: this demo is technical research only and does not involve any scripts for malicious remote intrusion into computers. Do not use the vulnerability for illegal intrusion into other people's computers. Otherwise you may

Blind SSRF Oneliner(X-Forwarded-Host): echo "testphpvulnwebcom"|assetfinder|httprobe|while read url; do ssrf=$(curl -s -L $url -H "X-Forwarded-Host: pingbin/p/6305faa38a067b8717e6d09db07f");echo -e "$url -> X-Forwarded-Host: injected";done echo "testphpvulnwebcom"|assetfinder|httpx|while read url; do ssrf=$(curl -s -L $url -H

Log4J-Scanner-one-liner: This one-liner bash script scans the domains and their subdomains for Log4j (CVE-2021-4428) with the help of "Subfinder", "HTTPX" and "httprobe". MAKE sure that you have "Subfinder", "HTTPX" and "httprobe" installed. REPLACE domaincom and BURPCLINK with your own Burp Collaborator link.

This repo contains IoCs which are associated with exploitation of CVE-2021-4428.

Log4Shell: This repo contains IoCs which are associated with exploitation of CVE-2021-4428.

log4sh is an advanced logging framework for Unix shell scripts.

log4sh: log4sh is an advanced logging framework for shell scripts (e.g. sh, bash) that works similar to the logging products available from the Apache Software Foundation (e.g. log4j, log4perl). log4sh provides different releases so that users can depend on functionality within a release series. It uses a variant of the X.Y.Z Semantic Versioning system: X -- major release. Signi

Log4j vulnerability demo

log4j-vuln-demo: Log4j vulnerability demo. cvemitreorg/cgi-bin/cvenamecgi?name=CVE-2021-45046. CVE: CVE-2021-4428 | CVE-2021-45046. Demo of the Apache Log4j2 vulnerability: execute RCE via logs, ${jndi:ldap://127001:3000}. Postman collection for testing. Local Startup: open 2 terminal shells. Shell 1: Vulnerable Application [Green] /gradlew bootRun

This tool creates a custom signature set on F5 WAF and applies it to policies in blocking mode.

f5-waf-quick-patch-CVE-2021-44228: F5 Networks Advanced WAF/ASM Quick Patch for CVE-2021-44228. Overview: This tool connects to a BIG-IP device and creates a custom signature set called CVE-2021-4428 and applies it to all policies in blocking mode. It also enforces all signatures and applies the changes. This was tested on BIG-IP ASM v15x, but I believe it should work for v13x/v14x/v16