An All-In-One Pure Python PoC for CVE-2021-44228

Last update: Nov 09, 2022

Overview

Python Log4RCE

An all-in-one pure Python3 PoC for CVE-2021-44228.

Configure

Replace the global variables at the top of the script to your configuration.

Run

All you need is to run with any python3 install:

python3 ./log4rce.py

Java

If you want to run your own Java script, do the following (./java/Exploit.java as example):

javac ./java/Exploit.java
python3 -c 'print(open("./java/Exploit.class", "rb").read())'

Copy the output of the previous in the JAVA_CLASSES dict. It can be select through the TARGET global variable.

Owner

Alexandre Lavoie

Last Year CS Undergrad

GitHub Repository

SCodeScanner stands for Source Code scanner where the user can scans the source code for finding the Critical Vulnerabilities.

The SCodeScanner stands for Source Code Scanner, where you can scan your source code files like PHP and get identify the vulnerabilities inside it. The tool can use by Pentester, Developer to quickly

136 Dec 13, 2022

PoC for CVE-2021-26855 -Just a checker-

CVE-2021-26855 PoC for CVE-2021-26855 -Just a checker- Usage python3 CVE-2021-26855.py -u https://mail.example.com -c example.burpcollaborator.net # C

17 Dec 22, 2022

A simple python-function, to gain all wlan passwords from stored wlan-profiles on a computer.

Wlan Fetcher Windows10 Description A simple python-function, to gain all wlan passwords from stored wlan-profiles on a computer. Usage This Script onl

2 Nov 20, 2021

A python script to brute-force guess the passwords to Instagram accounts

Instagram-Brute-Force The purpose of this script is to brute-force guess the passwords to Instagram accounts. Specifics: Comes with 2 separate modes i

2 Nov 16, 2021

A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or LFI.

BurpParamFlagger A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF

118 Nov 07, 2022

On-demand scanning for container registries

Lacework registry scanner Install & configure Lacework CLI Integrate a Container Registry Go to Lacework Resources Containers Container Image In

1 Dec 14, 2021

Rapidly enumerate subdomains and domains using rapiddns.io.

Description Simple python module (unofficial) allowing you to access data from rapiddns.io. You can also use it as a module. As mentioned on the rapid

27 Dec 31, 2022

Example for the NFT 3D Collectibles using Blender Scripting (Python).

NFT Collectibles using Blender Python What is this? This project is to demonstrate for generating NFT Collectible Avatar-Styled images. For details, p

48 Nov 26, 2022

SQLi Google Dork Scanner (new version)

XGDork² - ViraX Google Dork Scanner SQLi Google Dork Scanner by ViraX @ 2021 for Python 2.7 - compatible Android(NoRoot) - Termux A simple 'naive' pyt

8 Dec 20, 2022

A BurpSuite extension to parse 5GC NF OpenAPI 3.0 files to assess 5G core networks

5GC_API_parse Description 5GC API parse is a BurpSuite extension allowing to assess 5G core network functions, by parsing the OpenAPI 3.0 not supporte

57 Dec 16, 2022

EMBArk - The firmware security scanning environment

Embark is being developed to provide the firmware security analyzer emba as a containerized service and to ease accessibility to emba regardless of system and operating system.

175 Dec 14, 2022

the metasploit script(POC/EXP) about CVE-2021-22005 VMware vCenter Server contains an arbitrary file upload vulnerability

CVE-2021-22005-metasploit the metasploit script(POC/EXP) about CVE-2021-22005 VMware vCenter Server contains an arbitrary file upload vulnerability pr

25 Nov 15, 2022

An All-In-One Pure Python PoC for CVE-2021-44228

Related tags

Overview

Python Log4RCE

Configure

Run

Java

Owner

Alexandre Lavoie

SCodeScanner stands for Source Code scanner where the user can scans the source code for finding the Critical Vulnerabilities.

PoC for CVE-2021-26855 -Just a checker-

A simple python-function, to gain all wlan passwords from stored wlan-profiles on a computer.

A python script to brute-force guess the passwords to Instagram accounts

A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or LFI.

On-demand scanning for container registries

Rapidly enumerate subdomains and domains using rapiddns.io.

Example for the NFT 3D Collectibles using Blender Scripting (Python).

SQLi Google Dork Scanner (new version)

A BurpSuite extension to parse 5GC NF OpenAPI 3.0 files to assess 5G core networks

EMBArk - The firmware security scanning environment

the metasploit script(POC/EXP) about CVE-2021-22005 VMware vCenter Server contains an arbitrary file upload vulnerability

Exploiting CVE-2021-42278 and CVE-2021-42287

ssh-audit is a tool for ssh server & client configuration auditing.

使用golang重写开源工具wafw00f

CVE-log4j CheckMK plugin

PyPasser is a Python library for bypassing reCaptchaV3 only by sending 2 requests.

Discord-keylogger - Discord keylogger With Python

A Python application to predict what is cooking

PortSwigger Burp Plugin for the Log4j (CVE-2021-44228)