Skip to content

shamo0/CVE-2021-44228

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
log4j_scanner.sh
log4j_scanner.sh
 
 

Repository files navigation

CVE-2021-44228 (log4shell) POC

Log4j-RCE-Scanner

log4j Scanning tool

This tool will help you identify remote code execution vulnerability (log4j) on your systems.

Requirements

You will need to install httpx, subfinder, assetfinder, curl and amass in order to run the bash script.

Installation

  1. Simply git clone the repo or download the bash script git clone https://github.com/shamo0/CVE-2021-44228.git
  2. change file permissions chmod +x log4j_scanner.sh
  3. Run the bash script ./log4j_scanner.sh

Usage:

./log4j_scanner.sh -l subdomains.txt -i c6wvp482vtc10xx5bhnggdqp5neyyyyyb.interact.sh
./log4j_scanner.sh -d vulnsite.com -i c6wvp482vtc10xx5bhnggdqp5neyyyyyb.interact.sh

-h, --help Help menu
-l, --url-list List of domain/subdomain/ip to be used for scanning.
-d, --domain The domain name to which all subdomains and itself will be checked with Subfinder & Assetfinder.
-i, --inteactshdomain interactsh domain address.

References & Acknowledgements

But also please note that

Log4j-RCE-Scanner

About

log4shell (CVE-2021-44228) scanning tool

Topics

log exploit tool log4j code scanner logging remote apache poc rce execution cve scanning log4j2 2021 cve-2021-44228 log4shell 44228

Resources

Readme

License

MIT license
Activity

Stars

4 stars

Watchers

2 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages