POC for detecting the Log4Shell (Log4J RCE) vulnerability.

Last update: Dec 22, 2021

Overview

log4shell-poc-py

POC for detecting the Log4Shell (Log4J RCE) vulnerability.

Run on a system with python3 python3 log4shell-poc.py

pathToTargetFile - containing a list of targets (targets are seperated by newlines)
InteractionURL - the endpoint used to monitor out of band data extraction or interactions, e.g: https://github.com/projectdiscovery/interactsh

Example Output

[1] Testing asset: http://
   
    

[2] Testing asset: http://
    
     

[3] Testing asset: http://
     
      

[4] Testing asset: http://
      
       

[5] Testing asset: http://
       
         [6] Testing asset: http://
        
          [7] Testing asset: http://

Interaction Results

The example output as seen on the interactor due to a the Log4J vulnerability being found in an asset.

;; ANSWER SECTION:

   
    .
    
     .	3600	IN	A	
     
      

;; AUTHORITY SECTION:

      
       .
       
        . 3600 IN NS ns1.
        
         . 
         
          .
          
           . 3600 IN NS ns2.
           
            .

- represents the line number of the target in the target file

Owner

BCC Risk Advisory

GitHub Repository

Dome - Subdomain Enumeration Tool. Fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports.

DOME - A subdomain enumeration tool Check the Spanish Version Dome is a fast and reliable python script that makes active and/or passive scan to obtai

329 Jan 01, 2023

Easily retargetable and hackable interactive disassembler with IDAPython-compatible plugin API

ScratchABit is an interactive incremental disassembler with data/control flow analysis capabilities. ScratchABit is dedicated to the effor

380 Dec 28, 2022

Colin O'Flynn's Hacakday talk at Remoticon 2021 support repo.

Hardware Hacking Resources This repo holds some of the examples used in Colin's Hardware Hacking talk at Remoticon 2021. You can see the very sketchy

19 Sep 12, 2022

Open source vulnerability DB and triage service.

OSV - Open Source Vulnerabilities OSV is a vulnerability database and triage infrastructure for open source projects aimed at helping both open source

893 Jan 04, 2023

LittleBrother is a simple parental control application monitoring specific processes on Linux hosts to monitor and limit the play time of children.

Parental Control Application LittleBrother Overview LittleBrother is a simple parental control application monitoring specific processes (read "games"

40 Dec 21, 2022

ssh-audit is a tool for ssh server & client configuration auditing.

SSH server & client auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)

1.4k Dec 31, 2022

PrivateRoom - Make your work private by building a system using arduino which instantly kills a program when someone enters your room/cabin

privateRoom Make your work private by building a system using arduino which instantly kills a program when someone enters your room/cabin STEPS: Uploa

3 Nov 08, 2022

Argument Injection in Dragonfly Ruby Gem

CVE-2021-33564 PoC Exploit script for CVE-2021-33564 (Argument Injection in Dragonfly Ruby Gem). Usage Arbitrary File Read python3 poc.py -u https://

12 Nov 09, 2022

An interactive python script that enables root access on the T-Mobile (Wingtech) TMOHS1, as well as providing several useful utilites to change the configuration of the device.

TMOHS1 Root Utility Description An interactive python script that enables root access on the T-Mobile (Wingtech) TMOHS1, as well as providing several

40 Dec 29, 2022

Facebook account cloning/hacking advanced tool + dictionary attack added | Facebook automation tool

loggef Facebook automation tool, Facebook account hacking and cloning advanced tool + dictionary attack added Warning Use this tool for educational pu

149 Aug 10, 2022

Tools Crack Fb Terbaru

12 Jan 06, 2022

Threat research and reporting from IronNet's Threat Research Teams

IronNet Threat Research 🕵️ Overview This repository contains IronNet's Threat Research. Research & Reporting 📝 Project Description Cobalt Strike Res

36 Dec 02, 2022

Port scanning tool that uses Python3. Created by Noble Wilson

Hello There! My name is Noble Wilson and I am an aspiring IT/InfoSec coder practicing for my future. ________________________________________________

1 Nov 23, 2021

A Modified version of TCC's Osprey poc framework......

fierce-fish fierce-fish是由TCC(斗象能力中心)出品并维护的开源漏洞检测框架osprey的改写，去掉臃肿功能的精简版本poc框架 PS：真的用不惯其它臃肿的功能，不过作为一个收集漏洞poc && exp的框架还是非常不错的！！！ osprey For beginners fr

10 Dec 30, 2022

Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file which allows an unauthenticated user to execute arbitrary code via directory traversal

CVE-2021-40870 Exploitation An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file with a dangerous ty

16 Nov 15, 2022

Shell hunter for AF

AF-ShellHunter AF-ShellHunter: Auto shell lookup AF-ShellHunter its a script designed to automate the search of WebShell's in AF Team How to pip3 ins

34 May 13, 2022

command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.

CVE-2021-36260 CVE-2021-36260 POC command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validatio

165 Dec 21, 2022

POC for detecting the Log4Shell (Log4J RCE) vulnerability.

Related tags

Overview

log4shell-poc-py

Example Output

Interaction Results

Owner

BCC Risk Advisory

Dome - Subdomain Enumeration Tool. Fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports.

Easily retargetable and hackable interactive disassembler with IDAPython-compatible plugin API

Colin O'Flynn's Hacakday talk at Remoticon 2021 support repo.

Open source vulnerability DB and triage service.

LittleBrother is a simple parental control application monitoring specific processes on Linux hosts to monitor and limit the play time of children.

ssh-audit is a tool for ssh server & client configuration auditing.

PrivateRoom - Make your work private by building a system using arduino which instantly kills a program when someone enters your room/cabin

Argument Injection in Dragonfly Ruby Gem

An interactive python script that enables root access on the T-Mobile (Wingtech) TMOHS1, as well as providing several useful utilites to change the configuration of the device.

Facebook account cloning/hacking advanced tool + dictionary attack added | Facebook automation tool

Tools Crack Fb Terbaru

Threat research and reporting from IronNet's Threat Research Teams

Port scanning tool that uses Python3. Created by Noble Wilson

A Modified version of TCC's Osprey poc framework......

Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file which allows an unauthenticated user to execute arbitrary code via directory traversal

Shell hunter for AF

command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.

A Python 3 script that uploads a tasks.pickle file that enables RCE in MotionEye

BurpSuite Extension: Log4j2 RCE Scanner

A Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries