Hello! So today I just wanted to share with you a small vulnerability scanner which was developed by the Geneva company e-Xpert Solutions and which allows you to detect vulnerabilities linked to Log4J for your servers.
This script was developed by:
David Routin
And I contributed to this project by adding the check for version 2.15 which contains a DoS type flaw.
Yeah, I'm quite proud at this point, because I've never participated in a project on GitHub before. So to see my name in the "Contributors", it's nice.
Update 20.12.2021: Version 2.16 is also vulnerable to a DoS type flaw. I made a new pull request in order to update the PowerShell script.
Here's how to use it on Windows:
You download handle.exe (a sysinternals tool) here: https://docs.microsoft.com/en-us/sysinternals/downloads/handle
You upload the script to your server
You run it as admin using this command:
powershell -ExecutionPolicy Bypass -File log4find.ps1 -HandlePath <handle.exe_filepath>
And you will have colorful results:
green: you're good
red: be careful, you have one or both vulnerabilities on your server
yellow: the check was not successful, so you will need to do a manual check.
In case the check failed, I advise you to use "Everything" from voidtools. It's a search engine for Windows that is truly incredible because of its speed.
To use Everything, simply launch it as admin and then type your search.
log4*
The asterisk "*" serves as a wildcard.
In my case, there is no java on my machine, just 1000 PowerShell scripts and files/folders related to these Log4J detection scripts.
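A scripted version of the same manual search, for servers where Everything is not installed. This is an added example, not part of log4find.ps1 or the original post; it reads the version from the JAR file name only, and the function name Get-Log4jStatus, the -Root parameter and the 2.17 cut-off are assumptions of the example.

```powershell
# Added example (not part of log4find.ps1). Run from an elevated prompt so
# that protected directories can be read.
param(
    # Folders to search. Default: every local fixed drive (assumption).
    [string[]]$Root = @(Get-CimInstance Win32_LogicalDisk -Filter 'DriveType=3' |
                        ForEach-Object { $_.DeviceID + '\' })
)

function Get-Log4jStatus {
    # Hypothetical helper: maps a JAR file name to the colours used in the post.
    param([string]$FileName)

    # Only log4j-core carries a version this check can judge,
    # e.g. log4j-core-2.16.0.jar or log4j-core-2.0-beta9.jar.
    if ($FileName -notmatch '^log4j-core-(\d+)\.(\d+)') {
        return 'Yellow'          # other log4j file: look at it by hand
    }
    $major = [int]$Matches[1]
    $minor = [int]$Matches[2]

    if ($major -ne 2) {
        return 'Yellow'          # not a 2.x release: outside this check
    }
    # 2.15 and 2.16 are the releases the post names for the DoS flaw; lower
    # 2.x releases predate them. Treating 2.17 and later as Green is this
    # example's assumption. Backported fix releases on older 2.x lines are
    # still reported Red and need a manual look.
    if ($minor -lt 17) {
        return 'Red'
    }
    return 'Green'
}

# Same pattern as the Everything search (log4*), narrowed to JAR files.
Get-ChildItem -Path $Root -Filter 'log4j*.jar' -File -Recurse -Force `
              -ErrorAction SilentlyContinue |
    ForEach-Object {
        $status = Get-Log4jStatus $_.Name
        Write-Host ('{0,-7}{1}' -f $status, $_.FullName) -ForegroundColor $status
    }
```

JARs bundled inside WAR, EAR or fat-JAR archives do not appear in a file-name search, either here or in Everything, so a clean result only covers standalone files.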
There you go. Enjoy!