Look for JAR files that are vulnerable to Log4j RCE (CVE-2021-44228)
It differs from some other tools that scan for vulnerable remote services by triggering the exploit, for example by tracking DNS pingbacks. Look4jar tries to find the JndiLookup.class file in the Java archive (recursively); if there is one, it then looks for log4j2.enableJndiLookup in the JndiManager.class file of the archive, which it deems possibly vulnerable.
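The check described above, as an added Go example (not look4jar's own code): it walks an archive in memory, recurses into nested JAR/WAR/EAR entries, and lists each archive that holds JndiLookup.class without a JndiManager.class containing log4j2.enableJndiLookup. That decision rule is an assumed reading of the paragraph above; `scan`, `mkJar`, the depth and size limits, and the sample archive are constructed for illustration.

```go
package main

import (
	"archive/zip"
	"bytes"
	"fmt"
	"io"
	"path"
)

// scan lists archives (outer or nested) with JndiLookup.class but no property string (assumed rule).
func scan(name string, data []byte, depth int) (hits []string) {
	zr, err := zip.NewReader(bytes.NewReader(data), int64(len(data)))
	if err != nil || depth > 8 { // not a ZIP, or nested suspiciously deep
		return nil
	}
	var lookup, patched bool
	for _, f := range zr.File {
		rc, err := f.Open()
		if err != nil {
			continue
		}
		body, _ := io.ReadAll(io.LimitReader(rc, 64<<20)) // bound memory per entry
		rc.Close()
		lookup = lookup || path.Base(f.Name) == "JndiLookup.class"
		patched = patched || (path.Base(f.Name) == "JndiManager.class" && bytes.Contains(body, []byte("log4j2.enableJndiLookup")))
		if ext := path.Ext(f.Name); ext == ".jar" || ext == ".war" || ext == ".ear" {
			hits = append(hits, scan(name+"!"+f.Name, body, depth+1)...) // nested archive
		}
	}
	if lookup && !patched {
		hits = append(hits, name)
	}
	return hits
}

func mkJar(kv ...string) string { // constructed in-memory archive from name, content pairs
	var buf bytes.Buffer
	zw := zip.NewWriter(&buf)
	for i := 0; i+1 < len(kv); i += 2 {
		w, _ := zw.Create(kv[i])
		io.WriteString(w, kv[i+1])
	}
	zw.Close()
	return buf.String()
}

const lookupClass, managerClass = "org/apache/logging/log4j/core/lookup/JndiLookup.class", "org/apache/logging/log4j/core/net/JndiManager.class" // constructed sample entry names
func main() { fmt.Println(scan("app.war", []byte(mkJar("WEB-INF/lib/core.jar", mkJar(lookupClass, "x", managerClass, "x"))), 0)) }
```

Each nested archive is judged on its own entries, so a JAR that carries the property string does not hide a sibling JAR that lacks it.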
- Download a prebuilt binary from the releases page, unpack and run! or:
- If you have the Go 1.16+ compiler installed & configured:
$ go install dw1.io/look4jar@latest
— or
Building from source code:
$ git clone git@github.com:dwisiswant0/look4jar.git
$ cd look4jar/
$ go mod tidy
$ go build .
$ ./look4jar -h
look4jar
---
Look for JAR files that vulnerable to Log4j RCE (CVE‐2021‐44228)
@dwisiswant0
Usage:
look4jar -p /path/to/file [OPTIONS...]
Options:
-p, --path <FILE/PATH> Specify EAR/JAR/WAR file/directory to scan recursively
-v, --verbose Verbose mode (default false)
Examples:
look4jar -p /path/to/file.jar
look4jar -p /usr/local/lib -v
Look4jar is distributed under Apache License v2.0. See LICENSE.