Log4jTools
Tools for investigating Log4j CVE-2021-44228
FetchPayload.py (Get java payload from ldap path provided in JNDI lookup).
Example command:
Requirements: curl (system), requests (python)
python FetchPayload.py ldap://maliciouserver:1337/path
[+] getting object from ldap://maliciouserver:1337/path
[+] exploit payload: http://maliciouserver:80/Exploit.class
[+] seeing if attacker left behind un-compile payload http://maliciouserver:80/Exploit.java
[x] failed to find payload Exploit.java
[+] trying to fetch compiled payload http://maliciouserver:80/Exploit.class
[+] found payload and saved to file Exploit.class_
633 Dec 30, 2022
4 Nov 06, 2021
125 Dec 09, 2022
1 Oct 30, 2021
168 Nov 09, 2022
20 Dec 24, 2022
6 Jul 14, 2022
91 Nov 08, 2022
4 Jul 02, 2022
82 Nov 09, 2022
10 Jul 31, 2022
2 Oct 25, 2022
17 Dec 22, 2022
237 Dec 21, 2022
210 Dec 31, 2022
219 Dec 28, 2022
1.4k Dec 30, 2022
4 Jun 03, 2022
2 Mar 19, 2022
1 Jan 03, 2022