Log4jTools
Tools for investigating Log4j CVE-2021-44228
FetchPayload.py (Get java payload from ldap path provided in JNDI lookup).
Example command:
Requirements: curl (system), requests (python)
python FetchPayload.py ldap://maliciouserver:1337/path
[+] getting object from ldap://maliciouserver:1337/path
[+] exploit payload: http://maliciouserver:80/Exploit.class
[+] seeing if attacker left behind un-compile payload http://maliciouserver:80/Exploit.java
[x] failed to find payload Exploit.java
[+] trying to fetch compiled payload http://maliciouserver:80/Exploit.class
[+] found payload and saved to file Exploit.class_
2 Jan 01, 2022
87 Dec 29, 2021
2 Jan 24, 2022
5 Nov 25, 2022
4 Jun 03, 2022
1.5k Dec 31, 2022
7 Jan 05, 2023
1 Feb 12, 2022
17 Nov 11, 2022
1 Oct 12, 2021
17 Aug 23, 2021
820 Dec 18, 2022
40 Dec 29, 2022
149 Aug 10, 2022
362 Nov 28, 2022
396 Jan 08, 2023
838 Dec 18, 2022
0 Dec 20, 2021
7 Nov 17, 2022
12 Nov 22, 2022