[ERROR ENCOUNTERED] 2nd attempt at installing and running log4j/log4shell remote command execution security vulnerability scanner developed by Adil Soybali

Subject: [ERROR ENCOUNTERED] 2nd attempt at installing and running log4j/log4shell remote command execution security vulnerability scanner developed by Adil Soybali


Good day from Singapore,


I have encountered errors on my 2nd attempt at installing and running log4j/log4shell remote command execution security vulnerability scanner developed by Adil Soybali.


Problem Description

====================


While running log4j security scanner, the virtual network adapter in my Ubuntu Linux virtual machine goes down from time to time. I will not be able to ping servers on the internet from time to time. I get Destination Host Unreachable from my ping tests.


Details of the setup

====================


Machine type: Laptop with wi-fi connection and connected to mobile hotspot.

Host operating system: Windows 10 Pro

Hypervisor: Oracle VM VirtualBox 6.1

Virtual machine: Ubuntu 20.04 LTS Linux amd64

Virtual network adapter: NAT mode


CONCISE STEPS WHICH I CARRIED OUT

====================================


Update Ubuntu Linux.


$ sudo apt-get update


Install git.


$ sudo apt install git


Download the log4j/log4shell security scanner.


$ mkdir tools


$ cd tools


$ git clone https://github.com/adilsoybali/Log4j-RCE-Scanner.git


$ cd Log4j-RCE-Scanner


$ ./log4j-rce-scanner.sh -d teo-en-ming-corp.com -b yrt45r4sjyoj19617jem5briio3cs.burpcollaborator.net


Install curl.


$ sudo apt install curl


Install amass.


$ sudo snap install amass


Install pip.


$ sudo apt install python3-pip


Install httpx.


$ sudo pip install httpx


$ sudo pip install 'httpx[cli]'


Install Go programming language.


$ sudo apt install golang


Install assetfinder.


$ go get -u  github.com/tomnomnom/assetfinder


$ sudo cp /home/teo-en-ming/go/bin/assetfinder /usr/local/bin


Install newer version of Go and overwrite the older version.


$ wget https://storage.googleapis.com/golang/go1.7.1.linux-amd64.tar.gz


$ sudo tar -zxvf go1.7.1.linux-amd64.tar.gz -C /usr/local/


$ sudo nano ~/.profile


export GOROOT=/usr/local/go

export GOPATH=$HOME/tutorialspoint/sample

export PATH=$GOPATH/bin:$GOROOT/bin:$PATH


$ source ~/.profile


Check the version of Go installed.


$ go version


$ cd tools


Install subfinder.


Rerence guide: subfinder Tool in Linux

Link: https://www.geeksforgeeks.org/subfinder-tool-in-linux/


$ wget https://github.com/projectdiscovery/subfinder/releases/download/v2.4.9/subfinder_2.4.9_linux_amd64.zip


$ unzip subfinder_2.4.9_linux_amd64.zip


$ sudo mv subfinder /usr/local/bin/


Try running the log4j/log4shell security scanner.


$ cd tools


$ cd Log4j-RCE-Scanner/


$ ./log4j-rce-scanner.sh -d teo-en-ming-corp.com -b yrt45r4sjyoj19617jem5briio3cs.burpcollaborator.net


$ ./log4j-rce-scanner.sh -d teo-en-ming-corp.com -b c6tmvbd2vtc0000tgpd0gdpkpiwyyyyyb.interactsh.com


 Subfinder is working 



 Assetfinder is working 



 Amass is working 


Usage: httpx [OPTIONS] URL


Error: No such option: -s


./log4j-rce-scanner.sh -d adilsoybali.com.tr -b c6tmvbd2vtc0000tgpd0gdpkpiwyyyyyb.interactsh.com



 Subfinder is working 



 Assetfinder is working 



 Amass is working 


Usage: httpx [OPTIONS] URL


Error: No such option: -s


END

====


Mr. Turritopsis Dohrnii Teo En Ming, 43 years old as of 18 Dec 2021, is a TARGETED INDIVIDUAL living in Singapore. He is an IT Consultant with a Systems Integrator (SI)/computer firm in Singapore. He is an IT enthusiast.

 




REFERENCES

===========


[1] https://www.mail-archive.com/log4j-user@logging.apache.org/msg18048.html


[2] https://pastebin.com/raw/qfKiRH3n

Comments

Post a Comment

Popular posts from this blog

[24 Mar 2022 Thursday] Erectile Dysfunction and Viagra

Image
Subject: [24 Mar 2022 Thursday] Erectile Dysfunction and Viagra I have erectile dysfunction due to taking medications for mental illness (schizophrenia). Without Viagra, my penis is soft like jelly most of the time. There is no way I can penetrate a woman’s vagina due to erectile dysfunction. Today is the very 1st time I am taking Viagra. It allows my penis to remain hard and fully erected for 2 solid hours during sexual intercourse. Thanks Viagra! I can finally have sex! I am already 44 years old. What am I missing out in life?????? Do I still qualify to be a Japanese Adult Video (JAV) porn star actor???????? Link:  https://m.facebook.com/story.php?story_fbid=10158113552827735&id=646397734
Read more

[YOUTUBE] Mental illnesses were invented by governments to punish targeted individuals

Hi, my name is Turritopsis Dohrnii Teo En Ming. I am a Targeted Individual living in Singapore. The topic for this Youtube video is: Mental illnesses were invented by governments to punish people whom they don’t like. We do not know when or in which era mental illnesses were invented. We do not know which government or which group of governments invented mental illness. But we do know every government in every country all over the world gives or reward mental illness to people whom they don’t like. If you say something which your government don’t like, your government will very likely reward or award you with mental illness. Governments use mind control technology, which is a hybrid of multi-disciplinary technologies like brain implants, biocommunications engineering and satellite communications to make you hear menacing and threatening voices and also to read your mind and thoughts. Governments then cover up for all of these by saying it is mental illness so as to create a social stig...
Read more