漏洞平台

POC详情： 8333aa8a77c8b564d2a8e2776f684b41580f7140

来源

https://github.com/Sh0ckFR/log4j-CVE-2021-44228-Public-IoCs

关联漏洞

标题： Apache Log4j 代码问题漏洞 (CVE-2021-44228)
描述：Apache Log4j是美国阿帕奇（Apache）基金会的一款基于Java的开源日志记录工具。 Apache Log4J 存在代码问题漏洞，攻击者可设计一个数据请求发送给使用 Apache Log4j工具的服务器，当该请求被打印成日志时就会触发远程代码执行。

描述

Public IoCs about log4j CVE-2021-44228

介绍

# log4j (log4shell) CVE-2021-44228 Public IoCs list

Public IoCs about log4j CVE-2021-44228 (log4shell) based on Twitter and others social networks (pull requests accepted, I remove duplicates automatically)

## IPs

* https://github.com/Sh0ckFR/log4j-CVE-2021-44228-Public-IoCs/raw/main/ips.txt

## Callbacks domains

* https://github.com/Sh0ckFR/log4j-CVE-2021-44228-Public-IoCs/raw/main/callbacks-domains.txt

## Hashes (binaries)

* https://github.com/Sh0ckFR/log4j-CVE-2021-44228-Public-IoCs/raw/main/hashes-binaries.txt

## Hashes for vulnerable log4j versions available here

* https://github.com/mubix/CVE-2021-44228-Log4Shell-Hashes

## Payloads detected list available here

* https://gist.github.com/nathanqthai/01808c569903f41a52e7e7b575caa890

## Yara rule (work in progress)

* https://github.com/Sh0ckFR/log4j-CVE-2021-44228-Public-IoCs/blob/main/yara-rule.yar

---

#### IoCs Sources (sources used to create my own lists above)

* https://gist.github.com/Neo23x0/e4c8b03ff8cdf1fa63b7d15db6e3860b
* https://github.com/axelmorningstar/log4j
* https://gist.github.com/gnremy/c546c7911d5f876f263309d7161a7217
* https://github.com/CriticalPathSecurity/Zeek-Intelligence-Feeds/blob/master/log4j_ip.intel
* https://gist.github.com/superducktoes/9b742f7b44c71b4a0d19790228ce85d8
* https://github.com/Malwar3Ninja/Exploitation-of-Log4j2-CVE-2021-44228/blob/main/Threatview.io-log4j2-IOC-list
* https://github.com/eshlomo1/Azure-Sentinel-4-SecOps/blob/master/Hunting/CVE-2021-44228-Logshell/log4j-ioc-list.csv
* https://raw.githubusercontent.com/guardicode/CVE-2021-44228_IoCs/main/iocs.csv
* https://github.com/Orange-Cyberdefense/log4shell_iocs
* Tweets from various users

#### Here is a tool to detect attemps

* https://github.com/Neo23x0/log4shell-detector

#### Actual Log4j impact on manufacturers and components summary from the Internet community

* https://github.com/YfryTchsGD/Log4jAttackSurface
* https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592

文件快照


 [4.0K]  /data/pocs/8333aa8a77c8b564d2a8e2776f684b41580f7140
├── [ 55K]  callbacks-domains.txt
├── [2.1K]  hashes-binaries.txt
├── [ 45K]  ips.txt
├── [1.9K]  README.md
└── [7.1K]  yara-rule.yar

0 directories, 5 files

神龙机器人已为您缓存

备注

1. 建议优先通过来源进行访问。

2. 如果因为来源失效或无法访问，请发送邮箱到 f.jinxu#gmail.com 索取本地快照（把 # 换成 @）。

3. 神龙已为您对POC代码进行快照，为了长期维护，请考虑为本地POC付费，感谢您的支持。