log4shell-poc-py

POC for detecting the Log4Shell (Log4J RCE) vulnerability.

Run on a system with python3:

    python3 log4shell-poc.py

  • pathToTargetFile – a file containing a list of targets (targets are separated by newlines)
  • InteractionURL – the endpoint used to monitor out-of-band data extraction or interactions, e.g. https://github.com/projectdiscovery/interactsh

Example Output

    [1] Testing asset: http://
    [2] Testing asset: http://
    [3] Testing asset: http://
    [4] Testing asset: http://
    [5] Testing asset: http://
    [6] Testing asset: http://
    [7] Testing asset: http://