fox-it/log4j-finder
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
78 Commits 1 Branch 0 Tags
main
Commit Graph

78 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
yunzheng
44b755aa61 Merge pull request #80 from grmt/feature/add-hash-2.17.1
Some checks failed
Package Application with Pyinstaller / build-windows (push) Has been cancelled
Details
Package Application with Pyinstaller / build-linux (push) Has been cancelled
Details 
2.17.1 is also good
 2021-12-30 12:41:07 +01:00
grmt
e039978855 2.17.1 is also good 2021-12-30 10:31:19 +01:00
yunzheng
52f1e5a086 Updated README.md with signed windows executable 
We now have signed windows binaries for v1.2.0  \o/
 2021-12-22 14:12:31 +01:00
yunzheng
f680eac4de Merge pull request #69 from erottier/main 
Add application parameters to readme.md
 2021-12-22 10:07:14 +01:00
erottier
79c6a12498 Update README.md 2021-12-22 10:02:49 +01:00
erottier
40c8d07c53 Merge pull request #1 from erottier/erottier-patch-1 
Add application parameters to readme.md
 2021-12-21 21:28:29 +01:00
erottier
91c13fe5c0 Add application parameters to readme.md 2021-12-21 21:26:59 +01:00
Yun Zheng Hu
9c340826a9 Update screenshot for v1.2.0 2021-12-20 11:18:00 +01:00
yunzheng
944d738b07 Preparing v1.2.0 release 2021-12-20 10:01:49 +01:00
yunzheng
0895dc7afd Merge pull request #53 from yunzheng/main 
Don't resolve() Path objects so relative scans paths show up relative
 2021-12-19 15:08:42 +01:00
Yun Zheng Hu
5dddb6c34d Don't resolve() Path objects so relative scans paths show up relative 2021-12-19 15:05:41 +01:00
yunzheng
b823a5eb55 Merge pull request #48 from yunzheng/zip-support 
Add support for processing files with .zip extension
 2021-12-18 15:06:30 +01:00
yunzheng
2069d1dde3 Merge pull request #47 from yunzheng/version-info 
Output log4j-finder and Python version to debug and info logging
 2021-12-18 15:06:22 +01:00
Yun Zheng Hu
20fb86f742 Also process files with the .zip extension 2021-12-18 14:32:27 +01:00
Yun Zheng Hu
cde4562934 Output log4j-finder and Python version to debug and info logging 
This helps identifying the Python runtime version for compiled binaries
 2021-12-18 14:28:16 +01:00
yunzheng
07bf19973c Merge pull request #46 from yunzheng/main 
Fixed files and directory stats
 2021-12-18 12:27:24 +01:00
Yun Zheng Hu
7e2223cc95 Fixed files and directory stats 
An empty collection.Counter() evaluates to False, use `if stats is None` instead.
 2021-12-18 12:24:30 +01:00
yunzheng
b920b030a9 Merge pull request #43 from yunzheng/main 
Added log4j 2.17.0 hash and mark as the only good version (CVE-2021-45105)
 2021-12-18 11:39:23 +01:00
Yun Zheng Hu
d52dd49541 Added log4j 2.17.0 hash and mark as the only good version (CVE-2021-45105) 
log4j 2.17.0 fixes CVE-2021-45105:
Apache Log4j2 does not always protect from infinite recursion in lookup evaluation

source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45105
 2021-12-18 11:35:47 +01:00
yunzheng
d1810c41a2 Merge pull request #42 from yunzheng/main 
Added missing log4j 2.12.2 MD5 hash
 2021-12-18 11:34:05 +01:00
Yun Zheng Hu
90bf22e42c Added missing log4j 2.12.2 MD5 hash 2021-12-18 11:33:12 +01:00
yunzheng
46276b4cf7 Merge pull request #41 from fox-it/add-license-1 
Added MIT License
 2021-12-18 10:56:18 +01:00
yunzheng
6ba3846005 Added MIT License 2021-12-18 10:52:33 +01:00
yunzheng
1f922ea6ad Merge pull request #39 from fox-it/revert-36-main 
Revert "Remove incorrect has_lookup=False for JndiLookup.class"
 2021-12-17 21:52:36 +01:00
yunzheng
05ee217087 Revert "Remove incorrect has_lookup=False for JndiLookup.class" 2021-12-17 21:48:50 +01:00
yunzheng
f576426602 Merge pull request #37 from KrisJanssen/main 
Fix zip internal path issue on Windows
 2021-12-17 21:43:08 +01:00
Kris Janssen
7f25b75c24 Merge branch 'fox-it:main' into main 2021-12-17 21:40:20 +01:00
yunzheng
c39e02cdbf Restored figlet 
It's important :)
 2021-12-17 21:37:26 +01:00
yunzheng
a8036feaaf Merge pull request #34 from mjsalmi/main 
Add ability to exclude files and directories
 2021-12-17 21:33:48 +01:00
Kris Janssen
e85598122d Fix zip internal path issue on Windows 2021-12-17 19:48:24 +01:00
yunzheng
11600acd66 Merge pull request #36 from yunzheng/main 
Remove incorrect has_lookup=False for JndiLookup.class
 2021-12-17 19:45:16 +01:00
Yun Zheng Hu
915ac5c179 Remove incorrect has_lookup=False for JndiLookup.class 
The exception handler set has_lookup=False, while it should remain True
 2021-12-17 19:42:20 +01:00
Mikko Salmi
e0660d16b7 Merge branch 'fox-it:main' into main 2021-12-17 18:33:23 +02:00
Mikko Salmi
d871e19cbb Add ability to exclude directories or paths 2021-12-17 18:26:12 +02:00
yunzheng
16283db339 Merge pull request #33 from yunzheng/main 
Fallback to BytesIO only when needed regarding ZipFile nested zips
 2021-12-17 17:20:42 +01:00
Yun Zheng Hu
f179c081d8 Fallback to BytesIO only when needed regarding ZipFile nested zips 
See https://github.com/fox-it/log4j-finder/pull/22 for more bug details
 2021-12-17 17:15:04 +01:00
yunzheng
abece018d3 Merge pull request #22 from dariux/war-patch 
Fixing scanning issue of jars inside war files
 2021-12-17 16:35:21 +01:00
Darius Braziunas
16ffe76610 Merge github.com:fox-it/log4j-finder into war-patch 2021-12-17 06:14:13 -05:00
yunzheng
b6558017aa Merge pull request #29 from yunzheng/main 
Added note to install Python 3.8.10 for Windows 7 compatibility
 2021-12-17 11:56:22 +01:00
Yun Zheng Hu
148c912370 Added note to install Python 3.8.10 for Windows 7 compatibility 2021-12-17 11:52:43 +01:00
yunzheng
db5b8d9062 Merge pull request #28 from yunzheng/main 
Added "How it works" section to README.md
 2021-12-17 11:39:00 +01:00
Yun Zheng Hu
90bcdba0a4 Fixed wording regarding processing and scanning 2021-12-17 11:36:00 +01:00
Yun Zheng Hu
2f3f9c11a6 Emphasis NOT and ONLY and added Rationale 2021-12-17 11:31:32 +01:00
Yun Zheng Hu
2ec1d633ec Added "How it works" section to README.md 2021-12-17 11:16:46 +01:00
yunzheng
071aa46eb8 Merge pull request #25 from yunzheng/main 
Don't use zipfile.Path to remain compatible with Python 3.6
 2021-12-17 08:48:12 +01:00
Yun Zheng Hu
7a9e76a8bf Don't use zipfile.Path to remain compatible with Python 3.6 2021-12-17 08:45:20 +01:00
Darius Braziunas
e8e9d329f6 Merge github.com:fox-it/log4j-finder into war-patch 2021-12-16 20:55:42 -05:00
yunzheng
b15038b99c Merge pull request #23 from yunzheng/main 
Add hostname to output and refactored parts of script
 2021-12-17 01:17:13 +01:00
Yun Zheng Hu
ce0b0a41fe Add hostname to output and refactored parts of script 2021-12-17 01:04:46 +01:00
Darius Braziunas
823c9a2194 Update log4j-finder.py 2021-12-16 18:59:20 -05:00