log4j-detector
log4j-detector copied to clipboard
mergebase
A public open sourced tool. Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instan...
Testing sample files, getting strange "Not actually a zip!?! (no magic number)" line endings, instead of status.: testuser:log4j-detector testuser$ java -jar log4j-detector-2021.12.20.jar ./test-files/ -- github.com/mergebase/log4j-detector v2021.12.20 (by mergebase.com) analyzing paths...
Hi, it would be nice if the tool can have 2 modes. 1. Full scan mode [the one that searches all file system (the current mode)] 2. quick mode for...
I get various messages java.util.zip.ZipException: invalid entry size (expected 0 but got 622 bytes) when e.g. scanning the following zip file: https://github.com/microsoft/Windows-classic-samples/blob/main/Samples/Win7Samples/dataaccess/OPC/musicbundlesignature/SampleMusicBundle.zip With 7-Zip I can open it.
I get this error message during the scanning of linus tool folders. I am not sure if the log4J-script stops working or finishes its task. java -jar log4j-detector-2021.12.17.jar /.../ >...
It seems like the latest version (2021.12.20) does not redirect the output anmore. Instead all output goes to the screen and the output file has 0 bytes length.... Did I...
Version of log4j_detector: `log4j-detector-2021.12.20.jar` Hello, currently log4j-detector logs following lines after finding log4j 1.x files: ``` $ sha256sum ./log4j-1.1.3.jar 635d4be0003f9b24f560a7835db59fef04d1102bac75824c5f1c6ae48aa626a9 ./log4j-1.1.3.jar $ java -jar ./log4j-detector-2021.12.20.jar ./log4j-1.1.3.jar /home/litew/Downloads/log4j-1.1.3.jar contains Log4J-1.x Log4j...
Hello there, first of all, thanks for this handy tool. But I keep wondering, which folders need to be scanned and which can be ignored (Linux Mint). I used to...
We tried the Scanner on a Multi-Archive-Tar file that contained a few .jar-Files and got the Message ``` -- Problem: XX/log4jtest.tar - java.lang.IllegalArgumentException: malformed input off : 4, length :...
Hi, with the new update to v2021.12.20 i received a exit code 2 with a OKAY jar, why? ``` -- github.com/mergebase/log4j-detector v2021.12.20 (by mergebase.com) analyzing paths (could take a while)....
I think it would be better to release the released versions as Release (https://github.com/mergebase/log4j-detector/releases) instead of appending a date the jar. It's rather hard to gasp when and what has...
