4 Powerful Tools To Check For Vulnerable Log4j Hosts

List Of Tools To Check For Vulnerable Log4j Hosts On Your Network

  1. log4j-scan
  2. log4j_checker_beta
  3. log4j-sniffer
  4. check-log4j

Check For Vulnerable Log4j Hosts Using log4j-Scan:

  • Support for lists of URLs.
  • Fuzzing for more than 60 HTTP request headers (not only the 3–4 headers seen in previous tools).
  • Fuzzing for HTTP POST Data parameters.
  • Fuzzing for JSON data parameters.
  • Supports DNS callback for vulnerability discovery and validation.
  • WAF Bypass payloads.

How To Run Log4j-Scan Tool?

  1. Clone the repository: $ git clone https://github.com/fullhunt/log4j-scan.git
  2. Change into the log4j-scan directory: $ cd log4j-scan
  3. Install the required pip packages: $ pip3 install -r requirements.txt
  4. Run the tool:
  5. To show the help: $ python3 log4j-scan.py -h
  6. To check a single URL: $ python3 log4j-scan.py -u https://192.168.0.110:8000
  7. To check a single URL using all request methods: $ python3 log4j-scan.py -u https://192.168.0.110:8000 --run-all-tests
  8. To discover WAF bypasses against the environment: $ python3 log4j-scan.py -u https://192.168.0.110:8000 --waf-bypass
  9. To scan a list of URLs inside a file: $ python3 log4j-scan.py -l urls.txt

Check For Vulnerable Log4j Hosts Using log4j_Checker_Beta:

  • It scans files for occurrences of log4j
  • It checks for packages containing log4j and Solr ElasticSearch
  • It checks if Java is installed
  • Analyzes JAR/WAR/EAR files
  • Option of checking hashes of .class files in archives

How To Run log4j_Checker_Beta?

# wget https://raw.githubusercontent.com/rubo77/log4j_checker_beta/main/log4j_checker_beta.sh -q -O - |bash
# wget https://raw.githubusercontent.com/rubo77/log4j_checker_beta/main/log4j_checker_beta.sh -q -O - | bash | grep '\[WARNING\]'
# sudo apt install unzip locate
# sudo updatedb
# git clone https://github.com/rubo77/log4j_checker_beta.git
# cd log4j_checker_beta/
# ./log4j_checker_beta.sh hashes-pre-cve_local.txt | grep '\[WARNING\]'

Check For Vulnerable Log4j Hosts Using log4j-Sniffer:

  1. Zips: .zip
  2. Java archives: .jar, .war, .ear
  3. Tar: .tar, .tar.gz, .tgz, .tar.bz2, .tbz2

How to run log4j-sniffer?

  1. Install using ‘go’: $ go install github.com/palantir/log4j-sniffer@latest
  2. On Ubuntu: $ wget https://github.com/palantir/log4j-sniffer/releases/download/v1.0.0/log4j-sniffer-1.0.0-linux-amd64.tgz
  3. Extract The Downloaded File:
  4. For Help Run: $ ./log4j-sniffer -h
  5. To crawl a directory: $ ./log4j-sniffer crawl /opt/splunk/
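
The following Python example is added here and is not code from any of the tools above. It shows one common way a file-system scan of this kind can work: open each JAR/WAR/EAR/ZIP, recurse into nested archives, and report every copy of log4j-core's JndiLookup.class together with the version from its Maven metadata. The function names, the 64 MiB limit, the depth limit and the sample archive are assumptions constructed for the example; tar formats are not handled.

```python
import io
import os
import re
import zipfile

# Entries that identify a log4j-core 2.x copy: the JNDI lookup class and Maven metadata.
JNDI_CLASS = "org/apache/logging/log4j/core/lookup/JndiLookup.class"
POM_PROPS = "META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties"
ARCHIVE_EXT = (".jar", ".war", ".ear", ".zip")
MAX_NESTED = 64 * 1024 * 1024  # skip nested entries whose declared size exceeds 64 MiB

def scan_archive(src, label, depth=0):
    """Return [(location, version)] for each log4j-core copy in one archive."""
    try:
        zf = zipfile.ZipFile(src)  # src is a path or a seekable file object
    except (zipfile.BadZipFile, OSError):
        return []  # unreadable, corrupt, or not really a zip
    findings = []
    with zf:
        names = set(zf.namelist())
        if JNDI_CLASS in names:
            props = zf.read(POM_PROPS) if POM_PROPS in names else b""
            m = re.search(rb"^version=(\S+)", props, re.M)
            findings.append((label, m.group(1).decode() if m else "unknown"))
        for info in zf.infolist():  # recurse into nested archives (fat JARs, WARs)
            nested = info.filename.lower().endswith(ARCHIVE_EXT)
            if nested and depth < 5 and info.file_size <= MAX_NESTED:
                inner = io.BytesIO(zf.read(info))
                findings += scan_archive(inner, f"{label}!{info.filename}", depth + 1)
    return findings

def scan_tree(root):
    """Scan every archive file under a directory on disk."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for path in (os.path.join(dirpath, f) for f in files):
            if path.lower().endswith(ARCHIVE_EXT):
                hits += scan_archive(path, path)
    return hits

# Constructed sample: a WAR bundling a stand-in log4j-core JAR (empty class file).
def make_zip(entries):
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, body in entries.items():
            zf.writestr(name, body)
    return buf.getvalue()

SAMPLE_JAR = make_zip({JNDI_CLASS: b"", POM_PROPS: b"version=2.14.1\n"})
SAMPLE_WAR = make_zip({"WEB-INF/lib/log4j-core.jar": SAMPLE_JAR, "index.html": b"ok"})
```

A hit only locates a log4j-core copy; compare the reported version with the Log4j project's fixed releases before deciding on remediation.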

Check For Vulnerable Log4j Hosts Using Check-Log4j:

How to Run Check-Log4j?

  1. Clone the git: $ git clone https://github.com/yahoo/check-log4j.git
  2. Change the directory to: $ cd check-log4j/src
  3. Run check-log4j: $ ./check-log4j.sh -p /opt/splunk
  4. For help: $ ./check-log4j.sh -h

Thesecmasterblog
