Log4j2 RCE Passive Scanner plugin for BurpSuite

ms-f001/Log4j2Scan


Log4j2Scan

This tool is only for learning, research and self-examination. It should not be used for illegal purposes. All risks arising from the use of this tool have nothing to do with me!

The dnslog.cn interface is unreachable from time to time because of the number of requests it receives. If you are unable to scan, try changing the dnslog platform in the UI.


A passive scan plugin for BurpSuite that detects the Log4j2 remote code execution vulnerability.

It reports the exact vulnerable parameter and the location of the vulnerability, supports extension with multiple dnslog platforms, and automatically ignores static files.

Vulnerability detection currently supports only the following types:

  • URL
  • Cookie
  • Header
  • Body (x-www-form-urlencoded, json, xml, multipart)
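One way a scanner can map a dnslog callback back to the parameter that caused it, while tolerating the server-side lowercasing that the v0.7 changelog entry mentions. This is an added example, not Log4j2Scan's own code; the class and method names, the tokens and the `oob.example.test` domain are hypothetical.

```java
import java.util.HashMap;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Optional;

// Added illustration; all names here are hypothetical, not taken from Log4j2Scan.
public class CallbackCorrelator {
    private final String baseDomain;
    // token (lowercased) -> "Type: name" of the insertion point that carried it
    private final Map<String, String> pending = new HashMap<>();

    CallbackCorrelator(String baseDomain) {
        this.baseDomain = normalize(baseDomain);
    }

    // DNS names are case-insensitive; a backend may change case or append a root dot.
    static String normalize(String host) {
        String h = host.trim().toLowerCase(Locale.ROOT);
        return h.endsWith(".") ? h.substring(0, h.length() - 1) : h;
    }

    // Remember which insertion point (Url, Cookie, Header, Body) a unique token was sent in.
    void register(String token, String type, String name) {
        pending.put(token.toLowerCase(Locale.ROOT), type + ": " + name);
    }

    // Resolve a hostname reported by the dnslog backend to the insertion point, if any.
    Optional<String> match(String queriedHost) {
        String host = normalize(queriedHost);
        if (!host.endsWith("." + baseDomain)) {
            return Optional.empty(); // lookup for an unrelated domain
        }
        String prefix = host.substring(0, host.length() - baseDomain.length() - 1);
        // The token is the label directly left of the base domain; extra labels are ignored.
        String token = prefix.substring(prefix.lastIndexOf('.') + 1);
        return Optional.ofNullable(pending.get(token));
    }

    public static void main(String[] args) {
        CallbackCorrelator c = new CallbackCorrelator("oob.example.test");
        c.register("K7qZ2m", "Header", "User-Agent");
        c.register("p9XaB4", "Cookie", "session");
        // Constructed callback records, in the varying forms a backend might return.
        for (String rec : List.of("k7qz2m.oob.example.test.", "P9XAB4.OOB.EXAMPLE.TEST", "zzz.other.test")) {
            System.out.println(rec + " -> " + c.match(rec).orElse("no match"));
        }
    }
}
```

Generating tokens from a lowercase-only alphabet avoids two tokens colliding once case is folded.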

Build

Maven and JDK 11.0 or later are recommended.

$ mvn package

ChangeLog

December 15, 2021

v0.9
  1. add GoDnslog backend, thanks to @54Pany.
  2. add fuzz setting ui.
  3. add poc setting ui.
  4. add Body(json, xml, multipart) fuzz.
  5. optimize header guess-fuzz logic.

December 14, 2021

v0.8.1
  1. bypass dnslog.cn filter.
v0.8
  1. add backend setting panel.
  2. add RevSuit-DNS backend.

December 13, 2021

v0.7
  1. add RevSuit-RMI backend.
  2. fix issue where a domain lowercased by the server could not be matched.

December 12, 2021

v0.6
  1. add static-file ignore.
  2. add multi poc support.
  3. add burpcollaborator dnslog backend; dnslog.cn is used by default.

December 11, 2021

v0.5
  1. add header fuzz.
v0.4
  1. add rc1 patch bypass.

Acknowledgements

Some of the code in the plugin is borrowed from the following project:

https://github.com/pmiaowu/BurpShiroPassiveScan/
