Log4jTools
Tools for investigating Log4j CVE-2021-44228
FetchPayload.py (Get java payload from ldap path provided in JNDI lookup).
Example command:
Requirements: curl (system), requests (python)
python FetchPayload.py ldap://maliciouserver:1337/path
[+] getting object from ldap://maliciouserver:1337/path
[+] exploit payload: http://maliciouserver:80/Exploit.class
[+] seeing if attacker left behind un-compile payload http://maliciouserver:80/Exploit.java
[x] failed to find payload Exploit.java
[+] trying to fetch compiled payload http://maliciouserver:80/Exploit.class
[+] found payload and saved to file Exploit.class_
167 Dec 19, 2022
127 Dec 27, 2022
1 Jan 11, 2022
129 Dec 30, 2022
4.9k Jan 08, 2023
29 Nov 20, 2022
15 Dec 01, 2022
14 Aug 17, 2022
72 Jan 01, 2023
36 Dec 20, 2022
58 Dec 05, 2022
29.7k Jan 04, 2023
1 Aug 02, 2022
9 Jun 05, 2022
87 Dec 31, 2022
30 May 17, 2022
2.2k Jan 08, 2023
4 Jul 02, 2022
4 Feb 20, 2022
2 Dec 06, 2021