Comments (9)
I added the possibility to add targets over stdin.
$ cat target.txt | ./scan4log4shell remote url
or
$ crawler | ./scan4log4shell remote url
Unfortunately, the program does not have its own crawler
from scan4log4shell.
The scanner does not stop. All targets are always scanned.
Various catchers (TCP, DNS, LDAP) are included. Burp is not yet supported. But you can easily extend it:
scan4log4shell/internal/catcher.go
Lines 18 to 23 in 7816779
Your welcome to create a pull request
from scan4log4shell.
also, is it possible to scan a text file with multiple URL addresses? i.e scan4log4shell remote urls.txt
Cheers
from scan4log4shell.
Hi,
That’s great, we can copy and paste on the target.txt file the URLs from Burp. Thank you very much.
Cheers
from scan4log4shell.
it seems it can't stand these commands
cat targets.txt | scan4log4shell remote url
requires at least 1 arg(s), only received 0
cat targets.txt | scan4log4shell remote
from scan4log4shell.
Are you using the correct version v1.2.0?
from scan4log4shell.
Oh, I'm really sorry, it seems I was using the old version. my bad!
Thanks
from scan4log4shell.
Works like a charm now!
btw, last question, if the list of url addresses I scan is large, when the scanner finds a vulnerability does it stop or will it report them at the end when it finishes scanning?
from scan4log4shell.
or there is the option instead of interactsh to use Burp collaborator and then we see in real time when it finds an interaction?
from scan4log4shell.
Related Issues (6)
- Detect patched log4j-core-2*.jar ? HOT 4
- Add more vuln apps to the vulnerable test environment
- go mod tidy: go.mod file indicates go 1.17, but maximum supported version is 1.15 HOT 2
- run,run-local and run-remote not showing up from "make help" HOT 3
- Adding makefile target to build the tool only HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from scan4log4shell.