How-to-check-log4j-CVE-2021-44228
What is log4j ?
LOG4J is a open-source Java-based Apache Software used for logging services.
What is log4j Vulnerability CVE-2021-44228 ?
The Log4j vulnerability allows remote code execution by simply typing a specific string into a textbox , works on every program using the Log4j library.
Attack Surfaces / Related Softwares
| List of affected | Related Links |
|---|---|
| Brands | YfryTchsGD github link gives us a list of impacted services or components or manufacturers ( Apple, Tencent, Twitter, Cloudflare, Amazon, Tesla ...etc) |
| Softwares | Publised by Nationaal Cyber Security Centrum , github link. (Adobe,EC2, AWS API gateway,DocumentDB, DynamoDB, Kafka, Kinesis, S3, SNS, SQS, AWS SSO, Apache Cisco, CYber ARk, Dell, FOrtinet,Fujitsu, IBM, JuniperNetworks, .......etc) |
How to check your server is vulnerabe or not?
There are heaps of metrails avilable on internet by now am adding few here. make sure you read the resources before you use it.
I have writted a simple code to scan for log4j Vulnerability
Quick Scan
wget https://raw.githubusercontent.com/anuvindhs/how-to-check-patch-secure-logj4-CVE-2021-44228/main/assets/scan.sh -q -O -| bash
| Source | Related Links |
|---|---|
 |
Hotpatch for Apache Log4j AWS security services to protect against, detect, and respond to the Log4j vulnerability Mitigating the Apache log4j security issue for EKS, ECS, and Fargate customers |
 |
Cybersecurity and Infrastructure Security Agency’s Emergency Directive 22-02 Mitigate Apache Log4j Vulnerability Apache Log4j Vulnerability Guidance from CISA |
 |
Guidance for preventing, detecting, and hunting for exploitation of the Log4j 2 vulnerability |
 |
i have written a simple bash script to do a basic quick scan. Inspect Code Copy code |
 |
Check your Server for the Java Log4j Vulnerability , Blog link , Youtube Tutorial , github link |
 |
Website Link, It comes with a web based tool to identify the affected servers CVE-2021-44228 |
 |
Performs two specific checks: HTTP headers and HTTP GET request, github link |
 |
log4j PowerShell Checker github Link |
 |
A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts, github link |
| ADIL SOYBALI | Log4j-RCE-Scanner,scan for remote command execution vulnerability CVE-2021-44228 on Apache Log4j at multiple addresses.github link |
 |
Bytecode Detector,scans all running java processes for vulnerable log4j files. It is NOT invasive and DOES NOT require you to stop your application. It also check, if the program includes artifacts that re-bundled or re-compiled the vulnerable log4j JARs github link |
 |
Log4j Quick Reference Guide (QRG) Live Log4J Worldwide threat tracker Free Targeted Log4j Search Tool |
Lab Environments
| Created by | Lab Environment |
|---|---|
 & JohnHammond |
Solar, exploiting log4j  |
 |
Log4j RCE,This challenge covers the latest RCE in Log4j |
 |
Review the Log4J (also known as the Log4Shell) vulnerability, its use in networks currently, and demo the exploit in a sandboxed environment |
** Will update more information on coming days ...