The Log4J flaw is still talking about, we have written a short guide to know the impacted materials by Log4shell vulnerabilities.
Developers have succeeded in creating a small program which can scan your server (Windows / Linux) and which is able to block the vulnerability.
LogPresso: The utility to scan and block the vulnerability
LogPresso is available directly on the official GitHub: https://github.com/logpresso/CVE-2021-44228-Scanner
The program is available for Windows Linux and even Mac.
Once downloaded you must unzip the program then call it from the command line. In our example we will use a Windows server.
Go to the folder where the program is located.
Use the following command
This command scans directories and detects if the library is impacted by the flaw.
You will notice that two tools are impacted , Luniitheque + Screaming Frog!
It is also possible to patch the flaw with the following command
log4j2-scan [--fix] chemin-fichier
With the command –fix the program will rename the vulnerable JAR file to .bak and create a new file without the JndiLookup.class file. The .bak files are archived in a zip file named this way
To restore .bak files use the –restore command.
Regularly follow LogPresso’s Github page to update the program.