{"id":18550901,"url":"https://github.com/mrjameshamilton/log4shell-detector","last_synced_at":"2025-04-09T22:31:24.338Z","repository":{"id":53846872,"uuid":"446544840","full_name":"mrjameshamilton/log4shell-detector","owner":"mrjameshamilton","description":"A log4shell detector using ProGuardCORE","archived":false,"fork":false,"pushed_at":"2022-08-05T14:49:03.000Z","size":79,"stargazers_count":5,"open_issues_count":0,"forks_count":4,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-03-24T12:47:32.756Z","etag":null,"topics":["cve-2021-44228","detector","log4j","log4shell","proguard-core","security"],"latest_commit_sha":null,"homepage":"","language":"Kotlin","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mrjameshamilton.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2022-01-10T18:52:04.000Z","updated_at":"2023-07-10T20:55:28.000Z","dependencies_parsed_at":"2022-08-22T21:31:17.755Z","dependency_job_id":null,"html_url":"https://github.com/mrjameshamilton/log4shell-detector","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mrjameshamilton%2Flog4shell-detector","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mrjameshamilton%2Flog4shell-detector/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mrjameshamilton%2Flog4shell-detector/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mrjameshamilton%2Flog4shell-detector/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mrjameshamilton","download_url":"https://codeload.github.com/mrjameshamilton/log4shell-detector/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248123533,"owners_count":21051489,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cve-2021-44228","detector","log4j","log4shell","proguard-core","security"],"created_at":"2024-11-06T21:06:02.247Z","updated_at":"2025-04-09T22:31:23.890Z","avatar_url":"https://github.com/mrjameshamilton.png","language":"Kotlin","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Log4Shell detector\n\nYet another log4shell detector, similar to [log4jscanner](https://github.com/google/log4jscanner),\n[log4j-detector](https://github.com/mergebase/log4j-detector) etc but built with [ProGuardCORE](https://github.com/Guardsquare/proguard-core).\n\nIt detects the usage of log4j versions vulnerable to CVE-2021-44228. \n\nFor more information about the vulnerability see [CVE-2021-44228](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8984) \nand [Apache Log4j Security Vulnerabilities](https://logging.apache.org/log4j/2.x/security.html).\n\n# Executing\n\nYou can download the [release distribution](https://github.com/mrjameshamilton/log4shell-detector/releases/tag/v1.0.0), extract and run the shell/bat script. The input can be a jar file, class file, directory, Android aar or Android apk.\n\n```\n$ bin/log4shell-detector \u003cpath-to-jar\u003e\n```\n\nOr you can clone this repository and execute via Gradle:\n\n```bash\n$ ./gradlew run --args=/path/to/my.jar\n```\n\n# Building\n\nThe application can be built from source via Gradle:\n\n```\n$ ./gradlew build\n```\n\nThis will generate distribution archives in the `build/distributions` directory.\n\n# How does it work?\n\nThe detector looks for a specific constructor that appears in log4j \u003c 2.15.0,\nsimilar to [this Yara rule](https://github.com/darkarnium/Log4j-CVE-Detect/blob/main/rules/vulnerability/log4j/CVE-2021-44228.yar).\n\n[ProGuardCORE](https://github.com/Guardsquare/proguard-core) is used to parse the input, and a combination of class and member\nfilters are used to look for the specific constructor.\n\n[dex2jar](https://github.com/pxb1988/dex2jar) is used to convert dex files in Android APKs files to class files.\n\n# Shadow packed log4j\n\nShadow packed versions of log4j should be detected, for example if\nthe log4j package is renamed to `com/example/org/apache/logging/log4j`.\n\n# Obfuscated applications\n\nIf an application is obfuscated then the detector may not detect the vulnerability,\nsince it is name based.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmrjameshamilton%2Flog4shell-detector","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmrjameshamilton%2Flog4shell-detector","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmrjameshamilton%2Flog4shell-detector/lists"}