关联漏洞
描述
A tool for detect&exploit vmware product log4j(cve-2021-44228) vulnerability.Support VMware HCX/vCenter/NSX/Horizon/vRealize Operations Manager
介绍
# Vm4J
A tool for detect vmware product log4j vulnerability.
# How it works?
- First start a `JNDIExploit` server.
- Start this tool and set any config to right setting.
- Send payload.
# Screenshot
# Support
- VMware HCX
- VMware vCenter
- VMware Workspace One (Will be add)
- VMware NSX
- VMware Horizon
- VMware vRealize Operations Manager
# Note
1. This project use `Visual Studio 2022` and `.NET Framework 4.5`.
2. For Debug mode this tool set proxy to `127.0.0.1:8080` and Release mode set proxy to `null`.
3. Some Product **CAN USE DNSLOG ONLY **.
# Todo
- Workspace One.
文件快照
[4.0K] /data/pocs/64d8a1860c06f0b0d3a7cb8471c3e1a3c5b287b4
├── [4.0K] Csharp
│ ├── [ 27K] favicon.ico
│ ├── [1.1K] Vm4J EXP.sln
│ └── [4.0K] WindowsFormsApp1
│ ├── [ 178] App.config
│ ├── [4.0K] bin
│ │ ├── [4.0K] Debug
│ │ │ ├── [ 88K] Vm4j_exp.exe
│ │ │ ├── [ 178] Vm4j_exp.exe.config
│ │ │ └── [ 84K] Vm4j_exp.pdb
│ │ └── [4.0K] Release
│ │ ├── [ 87K] Vm4j_exp.exe
│ │ ├── [ 178] Vm4j_exp.exe.config
│ │ └── [ 78K] Vm4j_exp.pdb
│ ├── [4.0K] ExecPayload
│ │ ├── [6.9K] VCenter.cs
│ │ ├── [4.7K] VHCX.cs
│ │ ├── [5.7K] VHorizon.cs
│ │ ├── [4.7K] VNSX.cs
│ │ ├── [4.7K] VROM.cs
│ │ └── [ 200] VWorkspaceOne.cs
│ ├── [ 27K] favicon.ico
│ ├── [ 13K] Form1.cs
│ ├── [ 16K] Form1.Designer.cs
│ ├── [ 45K] Form1.resx
│ ├── [1.7K] Log.cs
│ ├── [4.0K] obj
│ │ ├── [4.0K] Debug
│ │ │ ├── [1.9K] DesignTimeResolveAssemblyReferences.cache
│ │ │ ├── [7.1K] DesignTimeResolveAssemblyReferencesInput.cache
│ │ │ ├── [4.0K] TempPE
│ │ │ │ └── [3.5K] Properties.Resources.Designer.cs.dll
│ │ │ ├── [ 6] Vm4J EXP.csproj.AssemblyReference.cache
│ │ │ ├── [ 41] Vm4J EXP.csproj.CoreCompileInputs.cache
│ │ │ ├── [ 766] Vm4J EXP.csproj.FileListAbsolute.txt
│ │ │ ├── [ 126] Vm4J EXP.csproj.GenerateResource.cache
│ │ │ ├── [ 0] Vm4J EXP.csproj.SuggestedBindingRedirects.cache
│ │ │ ├── [ 88K] Vm4j_exp.exe
│ │ │ ├── [ 27K] Vm4j_exp.Form1.resources
│ │ │ ├── [ 84K] Vm4j_exp.pdb
│ │ │ ├── [ 180] Vm4j_exp.Properties.Resources.resources
│ │ │ └── [5.9K] WindowsFormsApp1.csproj.AssemblyReference.cache
│ │ └── [4.0K] Release
│ │ ├── [4.0K] TempPE
│ │ │ └── [3.5K] Properties.Resources.Designer.cs.dll
│ │ ├── [ 6] Vm4J EXP.csproj.AssemblyReference.cache
│ │ ├── [ 41] Vm4J EXP.csproj.CoreCompileInputs.cache
│ │ ├── [ 788] Vm4J EXP.csproj.FileListAbsolute.txt
│ │ ├── [ 126] Vm4J EXP.csproj.GenerateResource.cache
│ │ ├── [ 0] Vm4J EXP.csproj.SuggestedBindingRedirects.cache
│ │ ├── [ 87K] Vm4j_exp.exe
│ │ ├── [ 27K] Vm4j_exp.Form1.resources
│ │ ├── [ 78K] Vm4j_exp.pdb
│ │ └── [ 180] Vm4j_exp.Properties.Resources.resources
│ ├── [ 424] Program.cs
│ ├── [4.0K] Properties
│ │ ├── [1.2K] AssemblyInfo.cs
│ │ ├── [2.7K] Resources.Designer.cs
│ │ ├── [5.4K] Resources.resx
│ │ ├── [1.1K] Settings.Designer.cs
│ │ └── [ 242] Settings.settings
│ ├── [6.9K] Tools.cs
│ ├── [5.0K] Vm4J EXP.csproj
│ └── [ 470] Vm4J EXP.csproj.user
├── [ 34K] LICENSE
├── [4.0K] README
│ └── [147K] img1.png
└── [ 634] README.md
13 directories, 55 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。