A simple automatic tool for finding vulnerable log4j hosts

Related tags

Security related resourcespythonlog4jscannercybersecurity
Overview

Log4Scan

A simple automatic tool for finding vulnerable log4j hosts

image

Installation

pip3 install -r requirements.txt

Usage

usage: log4scan.py [-h] (-f FILENAME | -e ENDPOINT) [--http] [--https] [-p PAYLOAD] [--host HOST] [-o OUTPUT_FILE] [-m MAPPING_FILE] [-t TIMEOUT] [-v]
                   [--headers-file HEADERS] [--manual] [--proxy PROXY] [--token INTERACT_TOKEN] [--headers] [--query] [--path]

options:
  -h, --help            show this help message and exit
  -f FILENAME, --filename FILENAME
                        file to use as a source of endpoints (format IP:PORT)
  -e ENDPOINT, --endpoint ENDPOINT
                        endpoint to test
  --http                Test HTTP on domains without explicit schema
  --https               Test HTTPS on domains without explicit schema
  -p PAYLOAD, --payload PAYLOAD
                        template of the testing payload to use
  --host HOST           host to send LDAP request [default: interactsh.com]
  -o OUTPUT_FILE, --output OUTPUT_FILE
                        output file with vulnerable hosts
  -m MAPPING_FILE, --mappings MAPPING_FILE
                        output file with ID<->Endpoint mapping
  -t TIMEOUT, --timeout TIMEOUT
                        request timeout [default: 10]
  -v, --verbose         verbose logging
  --headers-file HEADERS
                        file with a list of header to test
  --manual              do not run automatic verification and use the simple payload instead
  --proxy PROXY         send requests through proxy
  --token INTERACT_TOKEN
                        Custom interact.sh token

Tests:
  [default: Headers, Query, Path]

  --headers             test headers injection like user-agent and referer
  --query               test query injection in GET request as id parameter
  --path                test path injection

Basic Usage

Automatically test a single endpoint

python3 log4scan.py -e https://vulnerablemachine.com

Automatically test multiple endpoints defined in a file

python3 log4scan.py -f ./hosts.txt

Manually test multiple endpoints defined in a file with private host

python3 log4scan.py -f ./hosts.txt --manual --host privatehost.net

Manually test multiple endpoints defined in a file with custom payload and private host

python3 log4scan.py -f ./hosts.txt --manual --payload '${jndi:ldap://HOST/customprefix-ID}' --host privatehost.net

Automatically test multiple endpoints defined in a file and generate two files containing the mappings between ID and endpoints and the vulnerable endpoints

python3 log4scan.py -f ./hosts.txt -m ./mapping.csv -o ./vulnerable-endpoints.txt

Docker

Execute from image

docker run --name log4scan ghcr.io/fuji97/log4scan

Build and execute yourself

docker build . -t log4scan
docker run --name log4scan log4scan

License

This project is licensed under MIT License

Authors:

You might also like...
OMIGOD! OM I GOOD? A free scanner to detect VMs vulnerable to one of the

omigood (OM I GOOD?) This repository contains a free scanner to detect VMs vulnerable to one of the "OMIGOD" vulnerabilities discovered by Wiz's threa

Marco Simioni 13 Jul 13, 2022
OpenSource Poc && Vulnerable-Target Storage Box.
OpenSource Poc && Vulnerable-Target Storage Box.

reapoc OpenSource Poc && Vulnerable-Target Storage Box. We are aming to collect different normalized poc and the vulerable target to verify it. Now re

cckuailong 560 Dec 23, 2022
Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228)
Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228)

log4j-finder A Python3 script to scan the filesystem to find Log4j2 that is vulnerable to Log4Shell (CVE-2021-44228) It scans recursively both on disk

Fox-IT 431 Dec 22, 2022
Python3 script for scanning CVE-2021-44228 (Log4shell) vulnerable machines.
Python3 script for scanning CVE-2021-44228 (Log4shell) vulnerable machines.

Log4j_checker.py (CVE-2021-44228) Description This Python3 script tries to look for servers vulnerable to CVE-2021-44228, also known as Log4Shell, a v

lfama 8 Feb 27, 2022
Searches for potentially vulnerable websites to local file inclusion, throughout the web and then exploits them for LFI
Searches for potentially vulnerable websites to local file inclusion, throughout the web and then exploits them for LFI

LFI-Hunter Searches for potentially vulnerable websites to local file inclusion, throughout the web and then exploits them for LFI A script written in

Anukul Pandey 6 Jan 30, 2022
MongoDB-Injection - This challenge-script is custom-made for web-server running MongoDB which is vulnerable to No-SQL injection

MongoDB-Injection Cheesy Multi-threaded script for NoSQL Injection This challeng

Caretaker 2 Jun 6, 2022
This repository detects a system vulnerable to CVE-2022-21907 and protects against this vulnerability if desired

This repository detects a system vulnerable to CVE-2022-21907 and protects against this vulnerability if desired

null 26 Dec 26, 2022
Spring4Shell Proof Of Concept/And vulnerable application CVE-2022-22965
Spring4Shell Proof Of Concept/And vulnerable application CVE-2022-22965

Spring4Shell-POC (CVE-2022-22965) Spring4Shell (CVE-2022-22965) Proof Of Concept/Information + A vulnerable Tomcat server with a vulnerable spring4she

Daniel Christensen 309 Jan 2, 2023
Simple Python 3 script to detect the
Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading

log4j-detect Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading The script

Víctor García 187 Jan 3, 2023
Releases(v1.2.1)
Owner
Federico Rapetti 20018955
A young developer that wants to try everything
Federico Rapetti 20018955
GitHub Repository
Proof of concept of CVE-2022-21907 Double Free in http.sys driver, triggering a kernel crash on IIS servers

CVE-2022-21907 - Double Free in http.sys driver Summary An unauthenticated attacker can send an HTTP request with an "Accept-Encoding" HTTP request he

Podalirius 71 Dec 22, 2022
S2-061 的payload,以及对应简单的PoC/Exp

S2-061 脚本皆根据vulhub的struts2-059/061漏洞测试环境来写的,不具普遍性,还望大佬多多指教 struts2-061-poc.py(可执行简单系统命令) 用法:python struts2-061-poc.py http://ip:port command 例子:python

dreamer 46 Oct 20, 2022
POC for detecting the Log4Shell (Log4J RCE) vulnerability

Interactsh An OOB interaction gathering server and client library Features • Usage • Interactsh Client • Interactsh Server • Interactsh Integration •

ProjectDiscovery 2.1k Jan 08, 2023
Sonoff NSPanel protocol and hacking information. Tasmota Berry driver for NSPanel

NSPanel Hacking Sonoff NSPanel protocol and hacking information and Tasmota Berry driver. NSPanel protocol manual Tasmota driver nspanel.be Installati

blakadder 98 Dec 26, 2022
xp_CAPTCHA(白嫖版) burp 验证码 识别 burp插件

xp_CAPTCHA(白嫖版) 说明 xp_CAPTCHA (白嫖版) 验证码识别 burp插件 安装 需要python3 小于3.7的版本 安装 muggle_ocr 模块(大概400M左右) python3 -m pip install -i http://mirrors.aliyun.com/

算命縖子 588 Jan 09, 2023
威胁情报播报

Threat-Broadcast 威胁情报播报 运行环境 项目介绍 从以下公开的威胁情报来源爬取并整合最新信息: 360:https://cert.360.cn/warning 奇安信:https://ti.qianxin.com/advisory/ 红后:https://redqueen.tj-u

东方有鱼名为咸 148 Nov 09, 2022
Exploit and Check Script for CVE 2022-1388

F5-CVE-2022-1388-Exploit Exploit and Check Script for CVE 2022-1388 Usage Check against single host python3 CVE-2022-1388.py -v true -u target_url At

Andy Gill 52 Dec 22, 2022
The probability of having the password you want in the PassMaker is +90%!!

PasswordMaker Strong listing password Introduction The probability of having the password you want in the tool is +90%!! How to Install Open the termi

MasterBurnt 4 Sep 05, 2021
SecurAID securely connects aid organizations directly with individuals in dangerous situations to allow them to discreetly and effectively get the assistance they need.

SecurAID securely connects aid organizations directly with individuals in dangerous situations to allow them to discreetly and effec

Ty K 2 Mar 23, 2022
This tool allows to automatically test for Content Security Policy bypass payloads.

CSPass This tool allows to automatically test for Content Security Policy bypass payloads. Usage [cspass]$ ./cspass.py -h usage: cspass.py [-h] [--no-

Ruulian 30 Nov 22, 2022
vulnerable APIs

vulnerable-apis vulnerable APIs inspired by https://github.com/mattvaldes/vulnerable-api Setup Docker If, Out of the box docker pull kmmanoj/vulnerabl

9 Jun 01, 2022
This is a Python program that implements a vacuum cleaner as an Artificial Intelligence.

Vacuum-Cleaner Python3 This is a Python3 agent that implements a simulator for a vacuum cleaner and it is introduction to Artificial Intelligence. A s

Abdultawwab Safarji 6 Nov 14, 2022
Log4j command generator: Generate commands for CVE-2021-44228

Log4j command generator Generate commands for CVE-2021-44228. Description The vulnerability exists due to the Log4j processor's handling of log messag

1 Jan 03, 2022
A python based tool that executes various CVEs to gain root privileges as root on various MAC OS platforms.

MacPer A python based tool that executes various CVEs to gain root privileges as root on various MAC OS platforms. Not all of the exploits directly sp

20 Nov 30, 2022
HashDB API hash lookup plugin for IDA Pro

HashDB IDA Plugin Malware string hash lookup plugin for IDA Pro. This plugin connects to the OALABS HashDB Lookup Service. Adding New Hash Algorithms

OALabs 237 Dec 21, 2022
An advanced multi-threaded, multi-client python reverse shell for hacking linux systems

PwnLnX An advanced multi-threaded, multi-client python reverse shell for hacking linux systems. There's still more work to do so feel free to help out

0xTRAW 212 Dec 24, 2022
Looks at Python code to search for things which look "dodgy" such as passwords or diffs

dodgy Dodgy is a very basic tool to run against your codebase to search for "dodgy" looking values. It is a series of simple regular expressions desig

Landscape 112 Nov 25, 2022
On-demand scanning for container registries

Lacework registry scanner Install & configure Lacework CLI Integrate a Container Registry Go to Lacework Resources Containers Container Image In

Will Robinson 1 Dec 14, 2021
A black hole for Internet advertisements

Network-wide ad blocking via your own Linux hardware The Pi-hole® is a DNS sinkhole that protects your devices from unwanted content, without installi

Pi-hole 40.3k Jan 09, 2023
Tor Relay availability checker, for using it as a bridge in countries with censorship

Tor Relay Availability Checker This small script downloads all Tor Relay IP addresses from onionoo.torproject.org and checks whether random Relays are

ValdikSS 161 Dec 30, 2022