mubix/CVE-2021-44228-Log4Shell-Hashes

Stars
153
Rank 243,368 (Top 5 %)
Language
Created almost 3 years ago
Updated over 1 year ago

mubix/CVE-2021-44228-Log4Shell-Hashes

mubix

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Hashes for vulnerable LOG4J versions

CVE-2021-44228-Log4Shell-Hashes

Hashes for vulnerable LOG4J versions

Created to help orgs search for this vulnerable versions

https://www.lunasec.io/docs/blog/log4j-zero-day/

Source of the hashes: https://archive.apache.org/dist/logging/log4j/

~~Possibly 1.X affected to apache/logging-log4j2#608~~
Version 1.0 is NOT vulnerable: https://twitter.com/ceki/status/1469449618316533762?s=20
Detection Rules: https://gist.github.com/Neo23x0/e4c8b03ff8cdf1fa63b7d15db6e3860b
VMware Vulnerable: https://www.randori.com/blog/cve-2021-44228/
Proof of Concept JNDI/LDAP server: https://github.com/veracode-research/rogue-jndi

post-exploitation

Post Exploitation Collection

shellshocker-pocs

Collection of Proof of Concepts and Potential Targets for #ShellShocker

post-exploitation-wiki

Post Exploitation Wiki

solarflare

SolarWinds Orion Account Audit / Password Dumping Utility

netview

Netview enumerates systems using WinAPI calls

vt-notify

Get email notification when Virus Total has a copy of your binary.

IOXIDResolver

IOXIDResolver.py from AirBus Security

osx-wificleaner

Cleans out "open" wireless connections from OSX machine

pykek

Kerberos Exploitation Kit

howtowinccdc

Notes, Slides, Comments and Commands on How to Win CCDC

akb

Attack Knowledge Base

cfdb

Common Findings Database

Not-In-Pentesting-Class

The Dirty Secrets They Didn't Teach You In Pentesting Class

repos

List of Repositories

open-ssids

SSIDs for the Hak5 Wifi Pineapple's PineAP setup

ditto

Binary resource copier

WhiteChapel

password cracking front end

sectaskbars

Security Product Taskbar Icons (to identify from screenshots)

tools

Operational toolset utilizing git's submodule feature

FakeNetBIOS

stuff

Things I've coded, or use (cause I can't find them online anymore)

DeleteThatTweet

Monitors a Twitter stream and saves off any tweet that is deleted.

manage2decrypt

ManageEngine OpManager Decryption Tools

windows-hardening

Because I can't find scripts to do this anywhere else...

windows-declutter

Windows 10 De-Clutter script

ccdc_malware

Talk given at DerbyCon and RuxCon 2016

mubix.github

Malicious Link Blog

local-hibp

How to set up a local copy of Have-I-Been-Pwned's password checking service

whitechapel-ng

Next Generation of White Chapel

attackbox

Ansible scripts to build an attack box

lmo

LetMeOutOfYour.net Resources

metasploitwiki

Clone of Metasploit's wiki w/ additions

Interceptor

PowerShell HTTP(s) Intercepting Proxy

hackingtogether

#HackingTogether

securitytitles.com

Standardizing Security Titles

ctf

Capture The Flag Information

GScriptOldEmal

Deletes old email from my Gmail accounts

twitter-list-follow

Follow all members of a list

elgamalcrypto

Simple Python Elgamal Encryption and Decryption Tool

presentations

Public copies of my previous presentations

bliizard_escalation

decryptcpuu

Decrypt "Unrestricted" CPUU.ini passwords

ctfjournal.com

CTF Journal Blog - All are welcome

twitterfriendsopml

Generate an OPML based on the URLs in the people you follow on Twitter's bios

portals

Repository of captive portals from around the world

8021xbridge

Automatically exported from code.google.com/p/8021xbridge

disappeared

Repo of sites and tools that went %POOF%

meterpy

Meterpreter On-target Python Scripts

random-scripts

Just random scripts of things I don't want to lose

squirtle

A fork of the Squirtle project from: http://code.google.com/p/squirtle/

PowerWorm

Analysis, detection, and removal of the "Power Worm" PowerShell-based malware

mubix

ntlmv1des

Cracks DES C3 piece of NTLMv1 and combines into Crack.sh format

epilogue

ShmooCon Epilogue Website