Log4jTools
Tools for investigating Log4j CVE-2021-44228
FetchPayload.py (Get java payload from ldap path provided in JNDI lookup).
Example command:
Requirements: curl (system), requests (python)
python FetchPayload.py ldap://maliciouserver:1337/path
[+] getting object from ldap://maliciouserver:1337/path
[+] exploit payload: http://maliciouserver:80/Exploit.class
[+] seeing if attacker left behind un-compile payload http://maliciouserver:80/Exploit.java
[x] failed to find payload Exploit.java
[+] trying to fetch compiled payload http://maliciouserver:80/Exploit.class
[+] found payload and saved to file Exploit.class_
17 Nov 30, 2022
1 Dec 26, 2021
7 Jan 07, 2022
6 Mar 10, 2022
2 Dec 02, 2022
38 Dec 31, 2022
368 Jan 02, 2023
63 Nov 15, 2022
26 Mar 15, 2022
7 Nov 10, 2022
9 Nov 09, 2022
1 Feb 14, 2022
1 Jan 10, 2022
580 Jan 09, 2023
40.3k Jan 09, 2023
1 Nov 26, 2021
312 Dec 09, 2022
259 Dec 31, 2022
118 Dec 31, 2022
1 Dec 08, 2021