Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/anthonyg-1/log4jvulnscripts
A collection of PowerShell scripts to detect and mitigate the log4j vulnerability on Windows servers with Sitecore installed.
log4j log4shell powershell sitecore
- Host: GitHub
- URL: https://github.com/anthonyg-1/log4jvulnscripts
- Owner: anthonyg-1
- License: mit
- Created: 2021-12-14T15:26:03.000Z (about 3 years ago)
- Default Branch: main
- Last Pushed: 2021-12-16T16:22:15.000Z (about 3 years ago)
- Last Synced: 2024-11-19T15:53:15.733Z (3 months ago)
- Topics: log4j, log4shell, powershell, sitecore
- Language: PowerShell
- Homepage:
- Size: 85.9 KB
- Stars: 3
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# Log4jVulnScripts
This repository contains PowerShell scripts that serve to detect and mitigate CVE-2021-44228 (Log4j vulnerability) on Windows systems with Sitecore installed per the steps outlined in the following: https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228.
Note that this mitigation applies only to Log4j version 2.10 or higher. More on that here: https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/12/log4j-zero-day-log4shell-arrives-just-in-time-to-ruin-your-weekend/
The MitigateLog4jVuln.ps1 script takes two parameters: a target drive letter (`-DriveLetter`) and a switch parameter (`-RestartService`) that instructs the script to restart the service. If no drive letter is specified, all file system drives are searched.
Use at your own risk, optimally in a test environment before attempting to execute on several servers at once. Pull requests welcome and encouraged!
### Requirements
Requires PowerShell 4 or above.
### Usage
#### Mitigation
```powershell
# Searches all file system drives for solr.in.cmd and applies mitigation without restarting the service:
.\MitigateLog4jVuln.ps1

# Searches all file system drives for solr.in.cmd, applies mitigation, and restarts service:
.\MitigateLog4jVuln.ps1 -RestartService

# Searches only the E: drive for solr.in.cmd, applies mitigation, and restarts service:
.\MitigateLog4jVuln.ps1 -DriveLetter E -RestartService
```
#### Detection
```powershell
# Searches all file system drives for solr.in.cmd and determines if mitigation needs to be applied.
.\DetectLog4jVuln.ps1
```
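As an added illustration (not code from this repository), the check below shows one way to decide whether a given solr.in.cmd already carries the mitigation from the linked Solr advisory, assuming that mitigation is the `-Dlog4j2.formatMsgNoLookups=true` option appended to `SOLR_OPTS`. The function name `Test-SolrLog4jMitigation` and the two sample files are constructed for this example.

```powershell
# Added example; not taken from DetectLog4jVuln.ps1.
function Test-SolrLog4jMitigation {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory = $true)]
        [string]$Path
    )

    # Java system property names are case-sensitive, so match the name exactly.
    $flagPattern = '-Dlog4j2\.formatMsgNoLookups=(?i:true)\b'

    $active = Get-Content -LiteralPath $Path | Where-Object {
        $line = $_.Trim()
        # Anchoring on "set" skips REM / :: comment lines, which have no effect.
        ($line -match '^@?set\s+"?SOLR_OPTS=') -and ($line -cmatch $flagPattern)
    }

    [pscustomobject]@{
        Path      = $Path
        Mitigated = (@($active).Count -gt 0)
    }
}

# Constructed sample files (not real server configuration).
$dir = Join-Path ([IO.Path]::GetTempPath()) ('solr-demo-' + [guid]::NewGuid())
New-Item -ItemType Directory -Path $dir | Out-Null
$unpatched = Join-Path $dir 'unpatched-solr.in.cmd'
$patched   = Join-Path $dir 'patched-solr.in.cmd'

Set-Content -LiteralPath $unpatched -Value @(
    '@echo off'
    'REM set SOLR_OPTS=%SOLR_OPTS% -Dlog4j2.formatMsgNoLookups=true'
    'set SOLR_JAVA_MEM=-Xms512m -Xmx512m'
)
Set-Content -LiteralPath $patched -Value @(
    '@echo off'
    'set SOLR_OPTS=%SOLR_OPTS% -Dlog4j2.formatMsgNoLookups=true'
)

# Report the state of each sample file, then clean up.
$unpatched, $patched | ForEach-Object { Test-SolrLog4jMitigation -Path $_ }
Remove-Item -LiteralPath $dir -Recurse -Force
```

A commented-out copy of the option counts as unmitigated here, which is the case a plain text search for the flag would miss.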