Giter Club home page Giter Club logo

psehgaft / log4j-cve-2021-44228 Goto Github PK

View Code? Open in Web Editor NEW

This project forked from lucab85/log4j-cve-2021-44228

0.0 1.0 0.0 15 KB

Ansible detector scanner playbook to verify target Linux hosts using the official Red Hat Log4j detector script RHSB-2021-009 Remote Code Execution - log4j (CVE-2021-44228)

Home Page: https://www.ansiblepilot.com/articles/vulnerability-scanner-detector-log4shell-remote-code-execution-log4j-cve-2021-44228-ansible-log4j-cve-2021-44228/

License: MIT License

log4j-cve-2021-44228's Introduction

Log4j-CVE-2021-44228 detector scanner playbook

CI

Ansible playbook to verify target Linux hosts using the official Red Hat Log4j detector script for Log4Shell (CVE-2021-44228).

Red Hat version 1.2 detector 2021-12-20.

The result is saved in a txt file under detector_dir (default: /tmp/cve-2021-44228/).

Ansible Galaxy role

Available in Ansible Galaxy role as lucab85.ansible_role_log4shell:

ansible-galaxy install lucab85.ansible_role_log4shell

How to run

Default variables scan all the /var/ path for affected files. Customize the vars.yml file for more options.

ansible-playbook log4j-cve-2021-44228.yml

Dependencies

None.

Requirements

ansible 2.9+

Variables vars.yml

default values:

sh_detector: "cve-2021-44228--2021-12-20-1836.sh"
sh_signature: 'cve-2021-44228--2021-12-20-1836.sh.asc'
detector_baseurl: 'https://access.redhat.com/sites/default/files/'
detector_path: "/var/"
detector_dir: "/tmp/cve-2021-44228/"
detector_run_dir: 'tmp'
detector_options: '-n -d --no-progress --scan {{ detector_path }}'
gpg_keyid: '7514F77D8366B0D9'
gpg_public_key: 'gpg --keyserver pgp.mit.edu --recv {{ gpg_keyid }}'
clean_run_before: true
delete_after: false
verify_gpg: true

demo execution

PLAY [detector for Apache Log4j (CVE-2021-44228)] ******************************

TASK [Gathering Facts] *********************************************************
ok: [demo]

TASK [include_vars] ************************************************************
ok: [demo]

TASK [dependency present] ******************************************************
ok: [demo]

TASK [create detector directory] ***********************************************
ok: [demo]

TASK [download detector file(s)] ***********************************************
ok: [demo] => (item=cve-2021-44228--2021-12-20-1836.sh)
ok: [demo] => (item=cve-2021-44228--2021-12-20-1836.sh.asc)

TASK [gpg public key] **********************************************************
changed: [demo]

TASK [gpg verify detector] *****************************************************
changed: [demo]

TASK [remove any detector run directory] ***************************************
changed: [demo]

TASK [create detector run directory] *******************************************
changed: [demo]

TASK [run detector/scanner] ****************************************************
changed: [demo]

TASK [files in detector run directory] ************
ok: [demo]

TASK [print vulnerable path(s) found] ******************************************
ok: [demo] => {
    "vulnerable": {
        "changed": false,
        "examined": 1,
        "failed": false,
        "files": [],
        "matched": 0,
        "msg": "All paths examined",
        "skipped_paths": {}
    }
}

TASK [remove detector directory] ***********************************************
skipping: [demo]

PLAY RECAP *********************************************************************
demo                       : ok=12   changed=5    unreachable=0    failed=0    skipped=1    rescued=0    ignored=0

License

MIT / BSD

Author Information

This role was created in 2021 by Luca Berton, author of Ansible Pilot.

Ansible Pilot

More information

Donate

Thank you for supporting me

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.