CVE-2021-44228 PoC — Apache Log4j 代码问题漏洞

Source

Associated Vulnerability

Description

CVE-2021-44228-FIX-JARS

Readme

#CVE-2021-44228

Windows Batch Script to Scan all current path subdirectories 

Archive and Fix the log4j(CVE-2021-44228) impacted jars

1. First:		 lookup_impacted.bat (for creating log4j_impacted_jars_details.txt)
2. Archive: 		 archive_impacted.bat (archive all files listed in log4j_impacted_jars_details.txt)
3. Fix using: 	 fix_impacted.bat (delete JNDILookup.class in jars listed in log4j_impacted_jars_details.txt)

ATTENTION: Only JNDILookup.class affected according to [Doc ID 2828323.1]

(https://support.oracle.com/epmos/faces/DocContentDisplay?_afrLoop=16805527238225&id=2828323.1&_afrWindowMode=0&_adf.ctrl-state=m6ousubav_53)

Works only in Windows env

File Snapshot

 [4.0K]  /data/pocs/fa2d00c6f3a5114973f777de2f33fdd03479ae20
├── [1.9K]  1.lookup_impacted.bat
├── [  76]  2.archive_impacted.bat
├── [1.5K]  3.fix_impacted.bat
└── [ 668]  README.md

0 directories, 4 files

Remarks