A simple automatic tool for finding vulnerable log4j hosts

Last update: Mar 10, 2022

Overview

Log4Scan

A simple automatic tool for finding vulnerable log4j hosts

Installation

pip3 install -r requirements.txt

Usage

usage: log4scan.py [-h] (-f FILENAME | -e ENDPOINT) [--http] [--https] [-p PAYLOAD] [--host HOST] [-o OUTPUT_FILE] [-m MAPPING_FILE] [-t TIMEOUT] [-v]
                   [--headers-file HEADERS] [--manual] [--proxy PROXY] [--token INTERACT_TOKEN] [--headers] [--query] [--path]

options:
  -h, --help            show this help message and exit
  -f FILENAME, --filename FILENAME
                        file to use as a source of endpoints (format IP:PORT)
  -e ENDPOINT, --endpoint ENDPOINT
                        endpoint to test
  --http                Test HTTP on domains without explicit schema
  --https               Test HTTPS on domains without explicit schema
  -p PAYLOAD, --payload PAYLOAD
                        template of the testing payload to use
  --host HOST           host to send LDAP request [default: interactsh.com]
  -o OUTPUT_FILE, --output OUTPUT_FILE
                        output file with vulnerable hosts
  -m MAPPING_FILE, --mappings MAPPING_FILE
                        output file with ID<->Endpoint mapping
  -t TIMEOUT, --timeout TIMEOUT
                        request timeout [default: 10]
  -v, --verbose         verbose logging
  --headers-file HEADERS
                        file with a list of header to test
  --manual              do not run automatic verification and use the simple payload instead
  --proxy PROXY         send requests through proxy
  --token INTERACT_TOKEN
                        Custom interact.sh token

Tests:
  [default: Headers, Query, Path]

  --headers             test headers injection like user-agent and referer
  --query               test query injection in GET request as id parameter
  --path                test path injection

Basic Usage

Automatically test a single endpoint

python3 log4scan.py -e https://vulnerablemachine.com

Automatically test multiple endpoints defined in a file

python3 log4scan.py -f ./hosts.txt

Manually test multiple endpoints defined in a file with private host

python3 log4scan.py -f ./hosts.txt --manual --host privatehost.net

Manually test multiple endpoints defined in a file with custom payload and private host

python3 log4scan.py -f ./hosts.txt --manual --payload '${jndi:ldap://HOST/customprefix-ID}' --host privatehost.net

Automatically test multiple endpoints defined in a file and generate two files containing the mappings between ID and endpoints and the vulnerable endpoints

python3 log4scan.py -f ./hosts.txt -m ./mapping.csv -o ./vulnerable-endpoints.txt

Docker

Execute from image

docker run --name log4scan ghcr.io/fuji97/log4scan

Build and execute yourself

docker build . -t log4scan
docker run --name log4scan log4scan

License

This project is licensed under MIT License

Authors:

Federico Rapetti
Reply Communication Valley: https://www.linkedin.com/company/communication-valley

OMIGOD! OM I GOOD? A free scanner to detect VMs vulnerable to one of the

omigood (OM I GOOD?) This repository contains a free scanner to detect VMs vulnerable to one of the "OMIGOD" vulnerabilities discovered by Wiz's threa

13 Jul 13, 2022

OpenSource Poc && Vulnerable-Target Storage Box.

reapoc OpenSource Poc && Vulnerable-Target Storage Box. We are aming to collect different normalized poc and the vulerable target to verify it. Now re

560 Dec 23, 2022

Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228)

log4j-finder A Python3 script to scan the filesystem to find Log4j2 that is vulnerable to Log4Shell (CVE-2021-44228) It scans recursively both on disk

431 Dec 22, 2022

Python3 script for scanning CVE-2021-44228 (Log4shell) vulnerable machines.

Log4j_checker.py (CVE-2021-44228) Description This Python3 script tries to look for servers vulnerable to CVE-2021-44228, also known as Log4Shell, a v

8 Feb 27, 2022

Searches for potentially vulnerable websites to local file inclusion, throughout the web and then exploits them for LFI

LFI-Hunter Searches for potentially vulnerable websites to local file inclusion, throughout the web and then exploits them for LFI A script written in

6 Jan 30, 2022

MongoDB-Injection - This challenge-script is custom-made for web-server running MongoDB which is vulnerable to No-SQL injection

MongoDB-Injection Cheesy Multi-threaded script for NoSQL Injection This challeng

2 Jun 6, 2022

This repository detects a system vulnerable to CVE-2022-21907 and protects against this vulnerability if desired

26 Dec 26, 2022

Spring4Shell Proof Of Concept/And vulnerable application CVE-2022-22965

Spring4Shell-POC (CVE-2022-22965) Spring4Shell (CVE-2022-22965) Proof Of Concept/Information + A vulnerable Tomcat server with a vulnerable spring4she

309 Jan 2, 2023

Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading

log4j-detect Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading The script

187 Jan 3, 2023

A simple automatic tool for finding vulnerable log4j hosts

Related tags

Overview

Log4Scan

A simple automatic tool for finding vulnerable log4j hosts

Installation

Usage

Basic Usage

Docker

Execute from image

Build and execute yourself

License

Authors:

You might also like...

OMIGOD! OM I GOOD? A free scanner to detect VMs vulnerable to one of the

OpenSource Poc && Vulnerable-Target Storage Box.

Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228)

Python3 script for scanning CVE-2021-44228 (Log4shell) vulnerable machines.

Searches for potentially vulnerable websites to local file inclusion, throughout the web and then exploits them for LFI

MongoDB-Injection - This challenge-script is custom-made for web-server running MongoDB which is vulnerable to No-SQL injection

This repository detects a system vulnerable to CVE-2022-21907 and protects against this vulnerability if desired

Spring4Shell Proof Of Concept/And vulnerable application CVE-2022-22965

Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading

Releases(v1.2.1)

v1.2.1(Jan 13, 2022)

v1.2(Dec 20, 2021)

v1.1(Dec 17, 2021)

v1.0.1(Dec 15, 2021)

v1.0(Dec 15, 2021)

Owner

Federico Rapetti 20018955

Early days of an Asset Discovery tool.

Static Token And Credential Scanner

CVE-2021-21972

:closed_lock_with_key: multi factor authentication system (2FA, MFA, OTP Server)

A tool that detects the expensive Carbon Black watchlists.

Hacktricks - Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

Simple yara rule manager

Send CVE information to the specified mailbox (from Github)

Searches for potentially vulnerable websites to local file inclusion, throughout the web and then exploits them for LFI

A piece of software that shows a traceroute of a URL redirect path

🍯 16 honeypots in a single pypi package (DNS, HTTP Proxy, HTTP, HTTPS, SSH, POP3, IMAP, STMP, VNC, SMB, SOCKS5, Redis, TELNET, Postgres & MySQL)

Cracker - Tools CRACK FACEBOOK DAN INSTAGRAM DENGAN FITUR BANYAK

Huskee: Malware made in Python for Educational purposes

Delta Sharing: An Open Protocol for Secure Data Sharing

A set of blender assets created for the $yb NFT project.

neo Tool is great one in binary exploitation topic

Patching - Interactive Binary Patching for IDA Pro

Rapidly enumerate subdomains and domains using rapiddns.io.

Grafana-POC(CVE-2021-43798)

Everything I needed to understand what was going on with "Spring4Shell" - translated source materials, exploit, links to demo apps, and more.