Light

1lann / log4shelldetect Goto Github PK

Rapidly scan filesystems for Java programs potentially vulnerable to Log4Shell (CVE-2021-44228) or "that Log4j JNDI exploit" by inspecting the class paths inside files

License: The Unlicense

Go 100.00%

log4j log4shell scanner cve-2021-44228 vulnerability-scanners cve-2021-45046 log4j2

log4shelldetect's Introduction

log4shelldetect

Scans a file or folder recursively for Java programs that may be vulnerable to:

CVE-2021-44228 (Log4Shell) (v2.0.x - v2.14.x)
CVE-2021-45046 (v2.15.x)
CVE-2021-45105 (v2.16.x)¹

by inspecting the class paths inside files.

If you only want possibly vulnerable files to be printed rather than all files, run with -mode list.

Usage

Usage: log4shelldetect [options] <path>

Options:
  -include-zip
        include zip files in the scan
  -mode string
        the output mode, either "report" (every java archive pretty printed) or "list" (list of potentially vulnerable files) (default "report")

License

Code here is released to the public domain under unlicense.

With the exception of velocity-1.1.9.jar which is an example vulnerable .jar file part of Velocity which is licensed under GPLv3.

2.12.2 detection is not available yet pending 2.12.3's release which I will need to test. 2.12.2 will appear as patched. ↩

log4shelldetect's People

Contributors

Stargazers

Watchers

Forkers

thorhs cloudglass turegano hbourmorck mellow-hype bryanasdev000 minsis jeffaizenbr

log4shelldetect's Issues

CVE-2021-44832

There's a newly discovered vulnerability for 2.17 and 2.17.1 fixes the issue.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44832

Add excluded or inclusive filesystems to scan

We have many servers with the same mounted NFS mounts and we don't want to scan this multiple times. This app should allow either multiple specified file system paths or allow you to specify an excluded filesystem path, or maybe a combination of the two.

Get the command output

Hi @1lann and thanks for the work,
I already used your tool to scan individually some of our servers.

I wanted to scan the whole infrastructure by executing the tool with jobs on more computers, remotely.
To get the vulnerable binaries/detections & grep the output, i need to save the output of your tool in a file.

I tried everything with DOS & PowerShell without success : Out-File, RedirectStandardOutput, *>, PS Transcript... Every file i try to write keeps empty.

How can i get the output of your tool in a file ?
Thanks in advance

Edit : it seems to work with -mode report, not with -mode list

A lot of 'Access Denied' errors while running

I get a lot of access denied errors on certain files on Windows (10) while running. Especially the Recycle bin and the WER files. While these are expected, it very much clutters the view.

Please filter those out and/or create a parameter to do this. (I hope it will be off and possible a parameter to turn it on)

CVE-2021-45046

Can this detect the missing fix for the second log4j issue, CVE-2021-45046?

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.