Closed NopeNix closed 2 years ago
+1
Solved!
sudo -H python3 -m pip install "requests[security]"
after that, restart your pc
+1
Similar output while using the dockerfile:
[•] CVE-2021-44228 - Apache Log4j RCE Scanner [•] Scanner provided by FullHunt.io - The Next-Gen Attack Surface Management Platform. [•] Secure your External Attack Surface with FullHunt.io. [•] Initiating DNS callback server (interact.sh). Traceback (most recent call last): File "/usr/local/lib/python3.10/site-packages/urllib3/connectionpool.py", line 699, in urlopen httplib_response = self._make_request( File "/usr/local/lib/python3.10/site-packages/urllib3/connectionpool.py", line 382, in _make_request self._validate_conn(conn) File "/usr/local/lib/python3.10/site-packages/urllib3/connectionpool.py", line 1010, in _validate_conn conn.connect() File "/usr/local/lib/python3.10/site-packages/urllib3/connection.py", line 416, in connect self.sock = ssl_wrapsocket( File "/usr/local/lib/python3.10/site-packages/urllib3/util/ssl.py", line 449, in ssl_wrap_socket ssl_sock = _ssl_wrap_socketimpl( File "/usr/local/lib/python3.10/site-packages/urllib3/util/ssl.py", line 493, in _ssl_wrap_socket_impl return ssl_context.wrap_socket(sock, server_hostname=server_hostname) File "/usr/local/lib/python3.10/ssl.py", line 512, in wrap_socket return self.sslsocket_class._create( File "/usr/local/lib/python3.10/ssl.py", line 1070, in _create self.do_handshake() File "/usr/local/lib/python3.10/ssl.py", line 1341, in do_handshake self._sslobj.do_handshake() ssl.SSLError: [SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:997)
During handling of the above exception, another exception occurred:
Traceback (most recent call last): File "/usr/local/lib/python3.10/site-packages/requests/adapters.py", line 439, in send resp = conn.urlopen( File "/usr/local/lib/python3.10/site-packages/urllib3/connectionpool.py", line 755, in urlopen retries = retries.increment( File "/usr/local/lib/python3.10/site-packages/urllib3/util/retry.py", line 574, in increment raise MaxRetryError(_pool, url, error or ResponseError(cause)) urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='interact.sh', port=443): Max retries exceeded with url: /register (Caused by SSLError(SSLError(1, '[SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:997)')))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/app/log4j-scan.py", line 349, in
For now, if you want, you can use my prebuilt images at: https://hub.docker.com/r/jauderho/log4j-scan
Usage:
docker run --rm -ti jauderho/log4j-scan:latest -u <URL>
I'll be submitting a pull request to this repo when I get some time so that folks can build locally.
Hi @jauderho! Can you please submit a PR with your fixes of the Dockerfile :)
Hi @NopeNix The DNS callback listeners are getting constant outages over the past days. This will be probably the reason you're receiving connection reset errors. Another reason would be if the network connection is blocking this host.
Hi!
I'm using the Dockerfile - as it is - from this repo.
i tired the startparameter "-h" first: WORKS. after that, for testing i tried the startparameter "-u https://google.de" (or any other url)
now my output looks like this: