Log4jTools
Tools for investigating Log4j CVE-2021-44228
FetchPayload.py (Get java payload from ldap path provided in JNDI lookup).
Example command:
Requirements: curl (system), requests (python)
python FetchPayload.py ldap://maliciouserver:1337/path
[+] getting object from ldap://maliciouserver:1337/path
[+] exploit payload: http://maliciouserver:80/Exploit.class
[+] seeing if attacker left behind un-compile payload http://maliciouserver:80/Exploit.java
[x] failed to find payload Exploit.java
[+] trying to fetch compiled payload http://maliciouserver:80/Exploit.class
[+] found payload and saved to file Exploit.class_
1 Feb 14, 2022
2 Jun 23, 2022
329 Jan 01, 2023
8 Oct 20, 2022
4 Nov 06, 2021
1 Jan 01, 2022
307 Dec 24, 2022
60 Dec 10, 2022
80 Nov 28, 2022
2 Nov 30, 2021
2 Nov 22, 2022
1 Jun 30, 2022
0 Feb 07, 2022
894 Dec 25, 2022
216 Jan 08, 2023
1 Nov 15, 2021
16 Mar 24, 2022
82 Dec 28, 2022
25 Oct 10, 2022
4 Jan 17, 2022