Tools for investigating Log4j CVE-2021-44228

Dec 15, 2021 1 min read

Log4jTools

FetchPayload.py (Get java payload from ldap path provided in JNDI lookup).

Example command:

Requirements: curl (system), requests (python)

python FetchPayload.py ldap://maliciouserver:1337/path

[+] getting object from ldap://maliciouserver:1337/path
[+] exploit payload: http://maliciouserver:80/Exploit.class
[+] seeing if attacker left behind un-compile payload http://maliciouserver:80/Exploit.java
[x] failed to find payload Exploit.java
[+] trying to fetch compiled payload http://maliciouserver:80/Exploit.class
[+] found payload and saved to file Exploit.class_

GitHub

View Github

John was the first writer to have joined pythonawesome.com. He has since then inculcated very effective writing and reviewing culture at pythonawesome which rivals have found impossible to imitate.

Tools for investigating Log4j CVE-2021-44228

Log4jTools

FetchPayload.py (Get java payload from ldap path provided in JNDI lookup).

GitHub

John

Predict the latency time of the deep learning models

Joint learning of images and text via maximization of mutual information

Log4jTools

FetchPayload.py (Get java payload from ldap path provided in JNDI lookup).

GitHub

Predict the latency time of the deep learning models

Joint learning of images and text via maximization of mutual information

You might also like...