FullHunt has released an open-source tool for discovering the Apache Log4j RCE (CVE-2021-4428) at scale.

Detecting Apache Log4J RCE at scale

The Apache Log4j RCE (CVE-2021-4428) is a critical vulnerability that has been heavily exploited by threat actors this weekend. At FullHunt, we developed log4j-scan, a fully automated, accurate and extensive scanner for finding the Apache Log4j RCE. Over the past days it was available mainly to our customers; we're glad to be open-sourcing it now!

How does log4j-scan work?

log4j-scan fuzzes HTTP request headers, POST data, JSON bodies, and every other point in an HTTP request from which a Log4j log entry can be generated. It also ships with WAF bypass payloads, which can be used to evaluate a WAF and confirm that it blocks Log4j payload variants rather than only the basic form.

It uses a DNS out-of-band (OOB) callback to validate whether a host is affected: a DNS lookup of the unique callback name proves that the injected string was evaluated by Log4j, without running anything on the target. It does not attempt to exploit the RCE vulnerability.
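As an added illustration of the callback-based validation described above (example code, not log4j-scan's own), each (host, injection point) probe gets its own HMAC-derived label under a callback DNS zone, so a later query for that label in the resolver log identifies exactly which host and which request location triggered a lookup. The zone, secret, injection-point list and dnsmasq-style log format are assumptions made for this example.

```python
import hashlib
import hmac
import re

# Constructed values for this example; the real tool's zone and secret are not on the page.
CALLBACK_ZONE = "oob.example.test"
SECRET = b"constructed-scan-secret"

# Injection points in the spirit of the page: HTTP headers, POST fields and JSON keys.
INJECTION_POINTS = ("header:User-Agent", "header:X-Forwarded-For",
                    "post:username", "json:name")


def make_token(host: str, point: str, secret: bytes = SECRET) -> str:
    """Derive an unguessable 16-hex-char label identifying one (host, point) probe."""
    mac = hmac.new(secret, f"{host}|{point}".encode(), hashlib.sha256)
    return mac.hexdigest()[:16]


def build_probe_map(hosts, secret: bytes = SECRET):
    """Map each callback label back to the (host, point) whose probe carried it.
    The scanner would embed <label>.<CALLBACK_ZONE> in the test string for that point."""
    return {make_token(h, p, secret): (h, p) for h in hosts for p in INJECTION_POINTS}


def correlate(dns_log_lines, probe_map, zone: str = CALLBACK_ZONE):
    """Return {host: sorted injection points} for every probe whose label was looked up."""
    # dnsmasq-style "query[A] <name> from <ip>" lines are assumed (constructed format).
    # Extra labels before the token are tolerated; unknown labels are ignored.
    pat = re.compile(r"query\[[A-Z]+\]\s+(?:[\w-]+\.)*([0-9a-f]{16})\." + re.escape(zone) + r"\s", re.I)
    hits = {}
    for line in dns_log_lines:
        m = pat.search(line)
        if not m:
            continue
        entry = probe_map.get(m.group(1).lower())
        if entry is None:
            continue
        host, point = entry
        hits.setdefault(host, set()).add(point)
    return {h: sorted(p) for h, p in hits.items()}


def demo():
    hosts = ["app1.example.test", "app2.example.test"]
    probes = build_probe_map(hosts)
    t_ua = make_token("app1.example.test", "header:User-Agent")
    t_json = make_token("app1.example.test", "json:name")
    # Constructed resolver log: app1 calls back from two points, app2 never does,
    # and one query carries a label the scanner never issued.
    log = [
        f"Dec 11 10:02:13 dnsmasq[77]: query[A] {t_ua}.{CALLBACK_ZONE} from 203.0.113.5",
        f"Dec 11 10:02:14 dnsmasq[77]: query[AAAA] x.{t_json.upper()}.{CALLBACK_ZONE} from 203.0.113.5",
        f"Dec 11 10:02:15 dnsmasq[77]: query[A] {'0' * 16}.{CALLBACK_ZONE} from 198.51.100.9",
        "Dec 11 10:02:16 dnsmasq[77]: query[A] www.example.test from 203.0.113.7",
    ]
    return correlate(log, probes)
```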

FullHunt Enterprise customers were tested as soon as the vulnerability was released, and all FullHunt Enterprise customers have this RCE resolved.

Demo

log4j-scan Project: github.com/fullhunt/log4j-scan


Are you an enterprise looking for asset discovery, continuous monitoring, security scanning, better support, more features, and custom-developed tools? Please reach out to us at [email protected], and we will be happy to solve your challenges.

Discover unknown assets today and protect your organization

Best regards,
Mazin Ahmed
The FullHunt Team