Log4jTools
Tools for investigating Log4j CVE-2021-44228
FetchPayload.py (Get java payload from ldap path provided in JNDI lookup).
Example command:
Requirements: curl (system), requests (python)
python FetchPayload.py ldap://maliciouserver:1337/path
[+] getting object from ldap://maliciouserver:1337/path
[+] exploit payload: http://maliciouserver:80/Exploit.class
[+] seeing if attacker left behind un-compile payload http://maliciouserver:80/Exploit.java
[x] failed to find payload Exploit.java
[+] trying to fetch compiled payload http://maliciouserver:80/Exploit.class
[+] found payload and saved to file Exploit.class_
1 Jan 23, 2022
5 Oct 08, 2022
25 Nov 24, 2022
65 Dec 22, 2022
2 Jan 09, 2022
1 Dec 29, 2021
88 Dec 23, 2022
12 Dec 30, 2022
8 Aug 26, 2022
9 Feb 15, 2022
3 Dec 30, 2021
6 Nov 13, 2022
12 Sep 28, 2022
5 Feb 02, 2022
95 Dec 26, 2022
114 Dec 26, 2022
12 Nov 22, 2022
118 Dec 31, 2022
221 Jan 01, 2023
1.4k Dec 30, 2022