Log4jTools
Tools for investigating Log4j CVE-2021-44228
FetchPayload.py (Get java payload from ldap path provided in JNDI lookup).
Example command:
Requirements: curl (system), requests (python)
python FetchPayload.py ldap://maliciouserver:1337/path
[+] getting object from ldap://maliciouserver:1337/path
[+] exploit payload: http://maliciouserver:80/Exploit.class
[+] seeing if attacker left behind un-compile payload http://maliciouserver:80/Exploit.java
[x] failed to find payload Exploit.java
[+] trying to fetch compiled payload http://maliciouserver:80/Exploit.class
[+] found payload and saved to file Exploit.class_
7 Nov 09, 2022
135 Dec 31, 2022
368 Jan 04, 2023
41 Dec 30, 2022
4 Feb 22, 2022
2 Jan 04, 2022
1 Nov 10, 2021
4 Sep 03, 2022
4 Oct 10, 2022
4 Feb 20, 2022
16 May 09, 2022
30 Nov 27, 2022
31 Nov 22, 2022
7 Dec 08, 2022
10 Oct 29, 2022
15 Jul 24, 2022
63 Dec 30, 2022
2 Jan 31, 2022
80 Dec 29, 2022
5 Mar 31, 2022