Log4jTools
Tools for investigating Log4j CVE-2021-44228
FetchPayload.py (Get java payload from ldap path provided in JNDI lookup).
Example command:
Requirements: curl (system), requests (python)
python FetchPayload.py ldap://maliciouserver:1337/path
[+] getting object from ldap://maliciouserver:1337/path
[+] exploit payload: http://maliciouserver:80/Exploit.class
[+] seeing if attacker left behind un-compile payload http://maliciouserver:80/Exploit.java
[x] failed to find payload Exploit.java
[+] trying to fetch compiled payload http://maliciouserver:80/Exploit.class
[+] found payload and saved to file Exploit.class_
4 Sep 29, 2021
12 Jan 07, 2023
3 Jan 03, 2023
3 Aug 13, 2022
1 Dec 09, 2021
7 Oct 06, 2021
5 Nov 23, 2021
14 Dec 23, 2022
1.4k Dec 31, 2022
4 Aug 31, 2021
263 Jan 07, 2023
1 Dec 31, 2021
1 Dec 29, 2021
15 Feb 21, 2022
13 Jul 13, 2022
331 Jan 01, 2023
10 Oct 15, 2022
112 Dec 01, 2022
129 Dec 21, 2022
18 Nov 22, 2021