log4shell-detector
log4shell-detector copied to clipboard
New payload results in DOS attack
Thank you for the brilliant code for scanning the payload! I have an issues as follows : Payload Description: If a string substitution is attempted for any reason on the following string, it will trigger an infinite recursion, and the application will crash: ${${::-${::-$${::-j}}}}. Reference : https://issues.apache.org/jira/browse/LOG4J2-3230
I tried the script to test whether it could bypass the mentioned payload and unfortunately it could not.So is it possible to modify the script to include this payload as well? Thanks !