Log4jTools
Tools for investigating Log4j CVE-2021-44228
FetchPayload.py (Get java payload from ldap path provided in JNDI lookup).
Example command:
Requirements: curl (system), requests (python)
python FetchPayload.py ldap://maliciouserver:1337/path
[+] getting object from ldap://maliciouserver:1337/path
[+] exploit payload: http://maliciouserver:80/Exploit.class
[+] seeing if attacker left behind un-compile payload http://maliciouserver:80/Exploit.java
[x] failed to find payload Exploit.java
[+] trying to fetch compiled payload http://maliciouserver:80/Exploit.class
[+] found payload and saved to file Exploit.class_
1 Apr 18, 2022
13 Oct 28, 2022
25 Sep 23, 2022
8 Mar 12, 2022
5 Dec 10, 2021
893 Jan 04, 2023
259 Dec 19, 2022
59 Dec 24, 2022
213 Dec 30, 2022
34 Nov 21, 2022
33 Sep 23, 2022
6 Sep 01, 2022
41 Dec 30, 2022
7 Mar 08, 2022
38 Aug 09, 2022
12 Jan 06, 2022
35 Apr 17, 2022
3 Dec 22, 2021
22 Dec 29, 2022
9 Jun 01, 2022