Skip to content

dorkerdevil/Log-4-JAM

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

22 Commits

README.md

README.md

 
 

l4jam.py

l4jam.py

 
 

Repository files navigation

Log-4-JAM - Log 4 Just Another Mess

Log4j JNDI inj. vuln scanner - Public Relase

About -

This is a reliable scanner if you are looking to test your applications that could be vulnerable to Log4J JNDI Injection Vulnerability.

Requirements

pip3 install requests_toolbelt

Usage

# make sure target list has http/https prepended to it.
# or grab list of endpoints from wayback and pass the list in the argument . 
python3 l4jam.py targetlist.txt collab.net

Updates / features

1. loads the target lists
2. added more RSPs like dns, rmi, etc
3. added more waf bypass payloads.
4. added more headers
5. Prints out request and response of each target.

warning!!

its all on you what you do with this script as this is meant for pentest/Red-Team and bugbounty stuff. other than that if you use it for malicious purpose like extortion and shit i am not responsible for the mess.

!!! Feedback's are welcome !!!

Contact

If you want to get your product tested if its vuln/exploitable to log4j jndi injection , Then write me email - dorkerdevil_log4jmess@protonmail.com

About

Log4j JNDI inj. vuln scanner

Resources

Readme
Activity

Stars

65 stars

Watchers

5 watching

Forks

18 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages