diff --git a/tools/log4shell/README.md b/tools/log4shell/README.md index 0a9fd2f74..b35da9471 100644 --- a/tools/log4shell/README.md +++ b/tools/log4shell/README.md @@ -24,6 +24,7 @@ docker run --network=host log4shell or +Make sure you have Maven installed, then: ``` ./build-payload.sh && go build . && ./log4shell ``` diff --git a/tools/log4shell/constants/version.go b/tools/log4shell/constants/version.go index ab90ab3c1..db95d01d2 100644 --- a/tools/log4shell/constants/version.go +++ b/tools/log4shell/constants/version.go @@ -14,4 +14,4 @@ // package constants -const Version = "1.0.0" +const Version = "1.1.0" diff --git a/tools/log4shell/main.go b/tools/log4shell/main.go index 3dad2eb17..c4cfcfcb5 100644 --- a/tools/log4shell/main.go +++ b/tools/log4shell/main.go @@ -148,6 +148,18 @@ func main() { Name: "output", Usage: "File path for where to output findings in JSON format.", }, + &cli.BoolFlag{ + Name: "verbose", + Usage: "Display verbose information when running commands.", + }, + &cli.BoolFlag{ + Name: "json", + Usage: "Display findings in json format.", + }, + &cli.BoolFlag{ + Name: "debug", + Usage: "Display helpful information while debugging the CLI.", + }, }, Action: scanCommand, }, diff --git a/tools/log4shell/scan/scan.go b/tools/log4shell/scan/scan.go index 85c887ae2..7772ebf83 100644 --- a/tools/log4shell/scan/scan.go +++ b/tools/log4shell/scan/scan.go @@ -39,8 +39,8 @@ func identifyPotentiallyVulnerableFile(reader io.Reader, path, fileName string, if vulnerableHash, ok := hashLookup[fileHash]; ok { log.Info(). - Str("fileName", fileName). Str("path", path). + Str("fileName", fileName). Str("versionInfo", vulnerableHash.Name). Str("severity", vulnerableHash.Severity). Msg("identified vulnerable path")