top of page

Log4J scanner in PowerShell & Shell for Windows and Linux

Hello! So today I just wanted to share with you a small vulnerability scanner which was developed by the Geneva company e-Xpert Solutions and which allows you to detect vulnerabilities linked to Log4J for your servers.



This script was developed by:

David Routin


And I contributed to this project by adding the check for version 2.15 which contains a DoS type flaw.


github contributors
github contributors

Yeah, I'm quite proud at this point, because I've never participated in a project on GitHub before. So to see my name in the "Contributors", it's nice.




Update 20.12.2021: Version 2.16 is also vulnerable to a DoS type flaw, I made a new pull request in order to update the PowerShell script.


Here's how to use it on Windows:

  1. You download handle.exe (a sysinternals tool) here: https://docs.microsoft.com/en-us/sysinternals/downloads/handle

  2. You upload the script to your server

  3. You run it as admin using this command:

powershell -ExecutionPolicy Bypass -File log4find.ps1 -HandlePath <handle.exe_filepath>

And you will have colorful results:

  • green: you're good

  • red: be careful, you have one or both vulnerabilities on your server

  • yellow: the check was not successful, will do a manual check.

Log4Find
Log4Find

To use Everything, simply launch it in admin and then type your search.

log4*

The asterisk "*" serves as a wild card.

In my case, there is no java on my machine, just 1000 PowerShell scripts and files/folders related to these Log4J detection scripts.


There you go. enjoy!


0 views

Comentários


bottom of page