Log4jTools
Tools for investigating Log4j CVE-2021-44228
FetchPayload.py (Get java payload from ldap path provided in JNDI lookup).
Example command:
Requirements: curl (system), requests (python)
python FetchPayload.py ldap://maliciouserver:1337/path
[+] getting object from ldap://maliciouserver:1337/path
[+] exploit payload: http://maliciouserver:80/Exploit.class
[+] seeing if attacker left behind un-compile payload http://maliciouserver:80/Exploit.java
[x] failed to find payload Exploit.java
[+] trying to fetch compiled payload http://maliciouserver:80/Exploit.class
[+] found payload and saved to file Exploit.class_
12 Dec 12, 2022
50 Dec 26, 2022
1 Oct 12, 2021
16 Dec 08, 2022
33 Jan 04, 2023
34 Dec 01, 2022
1 Dec 10, 2021
431 Dec 22, 2022
21 Aug 12, 2022
10 Sep 25, 2022
1 Jan 23, 2022
164 Dec 10, 2022
2 Jan 11, 2022
893 Jan 04, 2023
9 Jun 01, 2022
2 Feb 15, 2022
2 Dec 12, 2021
362 Nov 28, 2022
6 Aug 04, 2022
117 Nov 28, 2022