Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/adilsoybali/Log4j-RCE-Scanner

Remote command execution vulnerability scanner for Log4j.
https://github.com/adilsoybali/Log4j-RCE-Scanner

checker cve-2021-44228 log4j log4j2 log4shell rce scanner vulnerability-scanners

Last synced: 3 months ago
JSON representation

Remote command execution vulnerability scanner for Log4j.

Awesome Lists containing this project

README 

        


  Log4j-RCE-Scanner

  



















GitHub last commit





  Feature
  Requirements
  Installation
  Usage
  Contact




---

      

# RCE scanner for Log4j

Using this tool, you can scan for remote command execution vulnerability CVE-2021-44228 on Apache Log4j at multiple addresses.

> [Affected versions < 2.15.0](https://logging.apache.org/log4j/2.x/security.html)

## Features

- It can scan according to the url list you provide.

- It can scan all of them by finding the subdomains of the domain name you give.

- It adds the source domain as a prefix to determine from which source the incoming dns queries are coming from.

## Requirements

1. [httpx](https://github.com/projectdiscovery/httpx)

2. [curl](https://curl.se/download.html)

> If you want to scan with a domain name, you must additionally install [subfinder](https://github.com/projectdiscovery/subfinder), [assetfinder](https://github.com/tomnomnom/assetfinder) and [amass](https://github.com/OWASP/Amass).

## Installation

 1. `git clone https://github.com/adilsoybali/Log4j-RCE-Scanner.git`

 2. `cd Log4j-RCE-Scanner`

 3. `chmod +x log4j-rce-scanner.sh`

 

 



## Usage



    ./log4j-rce-scanner.sh -h



This will display help for the tool. Here are all the switches it supports.



    -h, --help - Display help

    -l, --url-list - List of domain/subdomain/ip to be used for scanning.

    -d, --domain - The domain name to which all subdomains and itself will be checked.

    -b, --burpcollabid - Burp collabrator client id address or interactsh domain address.

    

    Example uses:

    ./log4j-rce-scanner.sh -l httpxsubdomains.txt -b yrt45r4sjyoj19617jem5briio3cs.burpcollaborator.net

    ./log4j-rce-scanner.sh -d adilsoybali.com -b yrt45r4sjyoj19617jem5briio3cs.burpcollaborator.net



[Click here to go to Burp collaborator documentation page.](https://portswigger.net/burp/documentation/collaborator)



[Click here to go to Interactsh.](https://app.interactsh.com/#/)



> If the domain is vulnerable, dns callbacks with the vulnerable domain name is sent to the burp collaborator or interactsh address you provided.



## Contributing



Contributions are what make the open source community such an amazing place to learn, inspire, and create. Any contributions you make are  **greatly appreciated**.



If you have a suggestion that would make this better, please fork the repo and create a pull request. You can also simply open an issue with the tag "enhancement". Don't forget to give the project a star! Thanks again!



1.  Fork the Project

2.  Create your Feature Branch (`git checkout -b feature/AmazingFeature`)

3.  Commit your Changes (`git commit -m 'Add some AmazingFeature'`)

4.  Push to the Branch (`git push origin feature/AmazingFeature`)

5.  Open a Pull Request



## Contact





Email

Linkedin

Discord

Twitter

Personal Web Site




## Acknowledgments



-   [LunaSec](https://www.lunasec.io/docs/blog/log4j-zero-day/)

-   [Zsolt Háló](https://github.com/zsolt-halo)



## Stargazers over time



[![Stargazers over time](https://starchart.cc/adilsoybali/Log4j-RCE-Scanner.svg?)](https://starchart.cc/adilsoybali/Log4j-RCE-Scanner)