log4shell-poc-py
POC for detecting the Log4Shell (Log4J RCE) vulnerability.
Run on a system with python3 python3 log4shell-poc.py
pathToTargetFile
– containing a list of targets (targets are seperated by newlines)InteractionURL
– the endpoint used to monitor out of band data extraction or interactions, e.g: https://github.com/projectdiscovery/interactsh
Example Output
<div class="snippet-clipboard-content position-relative overflow-auto" data-snippet-clipboard-copy-content="[1] Testing asset: http://
[2] Testing asset: http://
[3] Testing asset: http://
[4] Testing asset: http://
[5] Testing asset: http://
[6] Testing asset: http://
[7] Testing asset: http://”>
[1] Testing asset: http://
[2] Testing asset: http://
[3] Testing asset: http://
[4] Testing asset: http://
[5] Testing asset: http://
[6] Testing asset: http://
[7] Testing asset: http://