Log4jTools
Tools for investigating Log4j CVE-2021-44228
FetchPayload.py (Get java payload from ldap path provided in JNDI lookup).
Example command:
Requirements: curl (system), requests (python)
python FetchPayload.py ldap://maliciouserver:1337/path
[+] getting object from ldap://maliciouserver:1337/path
[+] exploit payload: http://maliciouserver:80/Exploit.class
[+] seeing if attacker left behind un-compile payload http://maliciouserver:80/Exploit.java
[x] failed to find payload Exploit.java
[+] trying to fetch compiled payload http://maliciouserver:80/Exploit.class
[+] found payload and saved to file Exploit.class_
1 Oct 28, 2021
1 Nov 02, 2021
82 Nov 09, 2022
5.8k Jan 07, 2023
758 Dec 28, 2022
1 Dec 08, 2021
1 Oct 24, 2021
87 Dec 29, 2021
31 Sep 28, 2022
1 Dec 11, 2021
307 Dec 24, 2022
15 Nov 26, 2022
462 Jan 02, 2023
140 Dec 16, 2022
2 Jun 23, 2022
4 Jan 10, 2022
48 Nov 20, 2022
5 May 10, 2022
52 Dec 16, 2022
2 Sep 12, 2022