Tool that runs a test to check whether one of your applications is affected by the recent vulnerabilities in log4j: CVE-2021-44228 and CVE-2021-45046
Home Page: https://log4shell.alexbakker.me
License: MIT License
Compile and run a simple Java program Log4jCaller.java, with your ID:
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
/**
See https://log4shell.tools, check permission box, note the ID, click Start ...
Run below, using your ID instead of c24099b7-f925-445b-b0e4-a656b277088f (likely expired)
<pre>
wget https://repo1.maven.org/maven2/org/apache/logging/log4j/log4j-api/2.10.0/log4j-api-2.10.0.jar
wget https://repo1.maven.org/maven2/org/apache/logging/log4j/log4j-core/2.10.0/log4j-core-2.10.0.jar
export CLASSPATH=.:log4j-api-2.10.0.jar:log4j-core-2.10.0.jar
echo "log4j.rootLogger=DEBUG" > log4j2.properties
javac Log4jCaller.java
java Log4jCaller c24099b7-f925-445b-b0e4-a656b277088f
</pre>
*/
public class Log4jCaller {
public static void main(String[] args) {
String id = args[0];
String d = "${jndi:dns://" + id + ".dns.log4shell.tools}";
String j = "${jndi:ldap://" + id + ".dns.log4shell.tools:12345/" + id + "}";
Logger log = LogManager.getLogger(Log4jCaller.class);
log.error(d);
log.error(j);
System.out.println("Done");
}
}
On vulnerable systems, this produces output as follows:
$ java Log4jCaller c24099b7-f925-445b-b0e4-a656b277088f
14:01:06.655 [main] ERROR Log4jCaller - ${jndi:dns://c24099b7-f925-445b-b0e4-a656b277088f.dns.log4shell.tools}
14:01:06.731 [main] ERROR Log4jCaller - Reference Class Name: Log4Shell
Thanks for this service!
这里需要安装Golang1.16版本
如果你的Linux支持科学上网,可以使用下面的方式下载Golang环境包
wget https://dl.google.com/go/go1.16.4.linux-amd64.tar.gz
因此需要手动下载并编译哦,相关包可以在我的私人网盘里下载
下载完成后,传到Linux里,解压缩
sudo tar -xvf go1.16.4.linux-amd64.tar.gz
将文件移动到**/usr/local**路径下
sudo mv go /usr/local
export GOROOT=/usr/local/go
export GOPATH=$HOME/Projects/FancyPig
export PATH=$GOPATH/bin:$GOROOT/bin:$PATH
# 启用 Go Modules 功能
go env -w GO111MODULE=on
# 配置 GOPROXY 环境变量,以下三选一
# 1. 七牛 CDN
go env -w GOPROXY=https://goproxy.cn,direct
# 2. 阿里云
go env -w GOPROXY=https://mirrors.aliyun.com/goproxy/,direct
# 3. 官方
go env -w GOPROXY=https://goproxy.io,direct
#检验是否已启用相关镜像源
go env | grep GOPROXY
输入下面命令下载相关工具
go install github.com/alexbakker/log4shell-tools/cmd/log4shell-tools-server
下载完成之后,我们需要到**$GOPATH/bin**路径下去找,可以输入下面命令去看环境变量具体的设置
go env
然后进入到**$GOPATH/bin**路径下,启动应用即可
./log4shell-tools-server
如果,你还想增加更多的参数可以参考下面的步骤,我这里比方说内网部署的IP地址是192.168.10.217
则可以输入下面的命令
./log4shell-tools-server -http-addr 192.168.10.217:8001 -ldap-addr 192.168.10.217:12345 -ldap-addr-external 192.168.10.217:12345 -http-addr-external 192.168.10.217:8001
都调试好了之后,便可以通过192.168.10.217:8001访问了
访问我们设置好的192.168.10.217:8001,点击start
获取相应的LDAP链接,然后就可以通过该链接进行log4j的测试了!
如果,你发现启动的时候提示端口被占用,可以使用以下命令
![图片[1]-如何部署一个在线检测Log4j漏洞的工具?-FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2021/12/20211216035858857.png?x-oss-process=image/auto-orient,1/interlace,1/quality,q_90/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
![图片[2]-如何部署一个在线检测Log4j漏洞的工具?-FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2021/12/20211216035954628.png?x-oss-process=image/auto-orient,1/interlace,1/quality,q_90/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
ps aux | grep log4
找到log4的相应进程ID,然后把他干掉
kill -9 进程ID
nohup ./log4shell-tools-server
如果你后面还有相应的字段,需要自行添加
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google ❤️ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.