Subject: [ERROR ENCOUNTERED] 2nd attempt at installing and running log4j/log4shell remote command execution security vulnerability scanner developed by Adil Soybali
Good day from Singapore, I have encountered errors on my 2nd attempt at installing and running log4j/log4shell remote command execution security vulnerability scanner developed by Adil Soybali. Problem Description ==================== While running log4j security scanner, the virtual network adapter in my Ubuntu Linux virtual machine goes down from time to time. I will not be able to ping servers on the internet from time to time. I get Destination Host Unreachable from my ping tests. Details of the setup ==================== Machine type: Laptop with wi-fi connection and connected to mobile hotspot. Host operating system: Windows 10 Pro Hypervisor: Oracle VM VirtualBox 6.1 Virtual machine: Ubuntu 20.04 LTS Linux amd64 Virtual network adapter: NAT mode CONCISE STEPS WHICH I CARRIED OUT ==================================== Update Ubuntu Linux. $ sudo apt-get update Install git. $ sudo apt install git Download the log4j/log4shell security scanner. $ mkdir tools $ cd tools $ git clone https://github.com/adilsoybali/Log4j-RCE-Scanner.git $ cd Log4j-RCE-Scanner $ ./log4j-rce-scanner.sh -d teo-en-ming-corp.com -b yrt45r4sjyoj19617jem5briio3cs.burpcollaborator.net Install curl. $ sudo apt install curl Install amass. $ sudo snap install amass Install pip. $ sudo apt install python3-pip Install httpx. $ sudo pip install httpx $ sudo pip install 'httpx[cli]' Install Go programming language. $ sudo apt install golang Install assetfinder. $ go get -u github.com/tomnomnom/assetfinder $ sudo cp /home/teo-en-ming/go/bin/assetfinder /usr/local/bin Install newer version of Go and overwrite the older version. $ wget https://storage.googleapis.com/golang/go1.7.1.linux-amd64.tar.gz $ sudo tar -zxvf go1.7.1.linux-amd64.tar.gz -C /usr/local/ $ sudo nano ~/.profile export GOROOT=/usr/local/go export GOPATH=$HOME/tutorialspoint/sample export PATH=$GOPATH/bin:$GOROOT/bin:$PATH $ source ~/.profile Check the version of Go installed. $ go version $ cd tools Install subfinder. Rerence guide: subfinder Tool in Linux Link: https://www.geeksforgeeks.org/subfinder-tool-in-linux/ $ wget https://github.com/projectdiscovery/subfinder/releases/download/v2.4.9/subfinder_2.4.9_linux_amd64.zip $ unzip subfinder_2.4.9_linux_amd64.zip $ sudo mv subfinder /usr/local/bin/ Try running the log4j/log4shell security scanner. $ cd tools $ cd Log4j-RCE-Scanner/ $ ./log4j-rce-scanner.sh -d teo-en-ming-corp.com -b yrt45r4sjyoj19617jem5briio3cs.burpcollaborator.net $ ./log4j-rce-scanner.sh -d teo-en-ming-corp.com -b c6tmvbd2vtc0000tgpd0gdpkpiwyyyyyb.interactsh.com Subfinder is working Assetfinder is working Amass is working Usage: httpx [OPTIONS] URL Error: No such option: -s ./log4j-rce-scanner.sh -d adilsoybali.com.tr -b c6tmvbd2vtc0000tgpd0gdpkpiwyyyyyb.interactsh.com Subfinder is working Assetfinder is working Amass is working Usage: httpx [OPTIONS] URL Error: No such option: -s END ==== Mr. Turritopsis Dohrnii Teo En Ming, 43 years old as of 18 Dec 2021, is a TARGETED INDIVIDUAL living in Singapore. He is an IT Consultant with a Systems Integrator (SI)/computer firm in Singapore. He is an IT enthusiast. -----BEGIN EMAIL SIGNATURE----- The Gospel for all Targeted Individuals (TIs): [The New York Times] Microwave Weapons Are Prime Suspect in Ills of U.S. Embassy Workers Link: https://www.nytimes.com/2018/09/01/science/sonic-attack-cuba-microwave.html ******************************************************************************************** Singaporean Targeted Individual Mr. Turritopsis Dohrnii Teo En Ming's Academic Qualifications as at 14 Feb 2019 and refugee seeking attempts at the United Nations Refugee Agency Bangkok (21 Mar 2017), in Taiwan (5 Aug 2019) and Australia (25 Dec 2019 to 9 Jan 2020): [1] https://tdtemcerts.wordpress.com/ [2] https://tdtemcerts.blogspot.sg/ [3] https://www.scribd.com/user/270125049/Teo-En-Ming -----END EMAIL SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: log4j-user-unsubscr...@logging.apache.org For additional commands, e-mail: log4j-user-h...@logging.apache.org
