giterlizzi / nmap-log4shell Goto Github PK
View Code? Open in Web Editor NEWNmap Log4Shell NSE script for discovery Apache Log4j RCE (CVE-2021-44228)
License: MIT License
Nmap Log4Shell NSE script for discovery Apache Log4j RCE (CVE-2021-44228)
License: MIT License
Module stringaux not found
error in Centos 7.
Install nmap:
yum -y install nmap
Then install and run script:
nmap --script log4shell.nse --script-args log4shell.callback-server=10.111.11.150:1389 -p 8080 10.111.11.149 [vagrant@attack
NSE: Failed to load /usr/bin/../share/nmap/scripts/log4shell.nse:
/usr/bin/../share/nmap/scripts/log4shell.nse:129: module 'stringaux' not found:
NSE failed to find nselib/stringaux.lua in search paths.
no field package.preload['stringaux']
no file '/usr/local/share/lua/5.2/stringaux.lua'
no file '/usr/local/share/lua/5.2/stringaux/init.lua'
no file '/usr/local/lib/lua/5.2/stringaux.lua'
no file '/usr/local/lib/lua/5.2/stringaux/init.lua'
no file './stringaux.lua'
no file '/usr/local/lib/lua/5.2/stringaux.so'
no file '/usr/local/lib/lua/5.2/loadall.so'
no file './stringaux.so'
stack traceback:
[C]: in function 'require'
/usr/bin/../share/nmap/scripts/log4shell.nse:129: in function </usr/bin/../share/nmap/scripts/log4shell.nse:1>
NSE: failed to initialize the script engine:
/usr/bin/../share/nmap/nse_main.lua:547: could not load script
stack traceback:
[C]: in function 'error'
/usr/bin/../share/nmap/nse_main.lua:547: in function 'new'
/usr/bin/../share/nmap/nse_main.lua:783: in function 'get_chosen_scripts'
/usr/bin/../share/nmap/nse_main.lua:1271: in main chunk
[C]: in ?
QUITTING!
[vagrant@attacker ~]$ cat /etc/os-release
NAME="CentOS Linux"
VERSION="7 (Core)"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="7"
PRETTY_NAME="CentOS Linux 7 (Core)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:7"
HOME_URL="https://www.centos.org/"
BUG_REPORT_URL="https://bugs.centos.org/"
CENTOS_MANTISBT_PROJECT="CentOS-7"
CENTOS_MANTISBT_PROJECT_VERSION="7"
REDHAT_SUPPORT_PRODUCT="centos"
REDHAT_SUPPORT_PRODUCT_VERSION="7"
Thank you for your time and effort to make cyber world safe. How do I tell in the scan results that the host is vulnerable? Thank you
Hi,
First of all, thank you very much for this code. We are able to upload the NSE file in our NMAP.
Now the challenge we are facing right now is how to execute the scan. Based on the README.md, we just need to upload the nse file to our NMAP and do an update. However I am confused on the syntax:
nmap --script log4shell.nse [--script-args log4shell.callback-server=127.0.0.1:1389] [-p ]
Link
https://github.com/feihong-cs/JNDIExploit
seems to be removed.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.